CVE-2025-62524

PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. PILOS before 4.8.0 exposes the PHP version via the X-Powered-By header, enabling attackers to fingerprint the server and assess potential exploits. This information disclosure vulnerability originates from PHP’s...

CVE-2025-54017

CVE-2025-54017 is a PHP Local File Inclusion in the WordPress plugin Paid Member Subscriptions (vulnerable up to 2.15.4). The root cause is improper control of include/require filenames, enabling local file inclusion. The vulnerability is rated high (CVSS 3.1 base 7.5) with network access, high i...

PT-2022-17348

Name of the Vulnerable Software and Affected Versions Duplicator WordPress plugin versions prior to 1.4.7 Description The issue concerns the lack of authentication or authorization for visitors, allowing them to view sensitive system information, including server software, PHP version, and the fu...

DEBIAN-CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...