Code-Projects Simple Forum 路径遍历漏洞

Simple forum is a simple forum. Simple forum suffers from a path traversal vulnerability, which stems from the parameter filename in the file /forumdownloadfile.php failing to properly filter for special elements in the path of a resource or file. An attacker can exploit this vulnerability to cau...

CVE-2025-5966

Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the AddTemp function. An attacker can access or modify files outside the intended directory by supplying crafted input to the filename parameter. Details A Directory Traversal attack also known as path traversal...

CVE-2025-52816

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themehunk Zita allows PHP Local File Inclusion. This issue affects Zita: from n/a through 1.6.5...

CVE-2025-24760

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Sofass sofass allows PHP Local File Inclusion.This issue affects Sofass: from n/a through = 1.3.4...

PT-2025-27100 · Ctusers · Ctusers

Name of the Vulnerable Software and Affected Versions: CTUsers versions through 1.0.0 Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. Recommendations:...

PT-2025-27096 · Unknown · Thembay Puca

Name of the Vulnerable Software and Affected Versions: thembay Puca versions n/a through 2.6.33 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This...

WordPress plugin CTUsers 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

sublinkX 路径遍历漏洞

sublinkX is an open source node subscription conversion and generation management system developed by Chen Hui. A path traversal vulnerability exists in sublinkX 1.8 and earlier versions, which stems from the incorrect operation of the parameter filename in the file api/template.go, resulting in...

LightRAG 路径遍历漏洞

LightRAG is a search enhancement generation application at HKU University in China. A path traversal vulnerability exists in LightRAG 1.3.8 and earlier versions, which stems from path traversal due to incorrect manipulation of the parameter file.filename in the file...

WordPress plugin WPB Category Slider for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Diza 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin Networker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Zikzag Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Greenmart 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin FW Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Gmedia Photo Gallery 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Hotel Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-27164 · Unknown · Gmedia Photo Gallery

Name of the Vulnerable Software and Affected Versions: Gmedia Photo Gallery versions 1.23.0 and earlier Description: The issue is related to improper control of filename for include/require statement in PHP programs, also known as 'PHP Remote File Inclusion'. This allows PHP Local File Inclusion...

PT-2025-27166 · Nicdark · Nicdark Hotel Booking

Name of the Vulnerable Software and Affected Versions: nicdark Hotel Booking versions n/a through 3.7 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...