CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2 days ago•3 views

PT-2026-45741

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Fermentio allows PHP Local File Inclusion. This issue affects Fermentio: from n/a through 1.5.0...

8.1CVSS5.8AI score0.00115EPSS

Positive Technologies•added 2 days ago•6 views

PT-2026-45752

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5...

8.1CVSS5.8AI score0.00115EPSS

RedhatCVE•added 2026/03/26 3:1 p.m.•1 views

CVE-2026-27093

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Tripgo tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a through 1.5.6...

8.1CVSS5.9AI score0.00172EPSS

EUVD•added 2026/03/25 6:31 p.m.•2 views

EUVD-2026-15859

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativeWS Kiddy kiddy allows PHP Local File Inclusion.This issue affects Kiddy: from n/a through = 2.0.8...

5.8AI score0.00172EPSS

EUVD•added 2026/03/25 6:31 p.m.•3 views

EUVD-2026-15783

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Emaurri emaurri allows PHP Local File Inclusion.This issue affects Emaurri: from n/a through = 1.0.1...

5.8AI score0.00056EPSS

NVD•added 2026/03/25 5:16 p.m.•0 views

CVE-2026-27081

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Rosebud rosebud allows PHP Local File Inclusion.This issue affects Rosebud: from n/a through = 1.4...

8.1CVSS0.00172EPSS

NVD•added 2026/03/25 5:16 p.m.•1 views

CVE-2026-22493

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Gaspard gaspard allows PHP Local File Inclusion.This issue affects Gaspard: from n/a through = 1.3...

8.1CVSS0.00172EPSS

ATTACKERKB•added 2026/03/25 4:15 p.m.•0 views

CVE-2026-32504

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativeWS VintWood vintwood allows PHP Local File Inclusion.This issue affects VintWood: from n/a through = 1.1.8...

5.8AI score0.00172EPSS

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-22513 WordPress Triompher theme <= 1.1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Triompher triompher allows PHP Local File Inclusion.This issue affects Triompher: from n/a through = 1.1.0...

8.1CVSS0.00172EPSS

CVE•added 2026/03/25 4:14 p.m.•5 views

CVE-2026-22515

CVE-2026-22515 targets the VegaDays Vegadays WordPress theme (

Positive Technologies•added 2026/03/25 12:0 a.m.•3 views

PT-2026-28019

Name of the Vulnerable Software and Affected Versions CreativeWS Kiddy versions through 2.0.8 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References3

Positive Technologies•added 2026/03/25 12:0 a.m.•1 views

PT-2026-27931

Name of the Vulnerable Software and Affected Versions LoveDate versions prior to 3.8.6 Description A flaw exists in the handling of filenames used in include/require statements within the PHP program LoveDate. This can lead to a PHP Local File Inclusion issue. The issue allows for the inclusion o...

Positive Technologies•added 2026/03/13 12:0 a.m.•1 views

Exploits0References3

PT-2026-25239

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Creatives Planet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

5.8AI score0.0017EPSS

Exploits0References4

RedhatCVE•added 2026/03/06 7:54 a.m.•2 views

CVE-2026-27990

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFix: from n/a through = 1.013...

RedhatCVE•added 2026/03/06 7:54 a.m.•3 views

CVE-2026-27383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through = 2.13...

8.1CVSS5.8AI score0.00056EPSS

RedhatCVE•added 2026/03/06 7:54 a.m.•1 views

CVE-2026-28069

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...

RedhatCVE•added 2026/03/06 7:53 a.m.•1 views

CVE-2026-28024

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Helion helion allows PHP Local File Inclusion.This issue affects Helion: from n/a through = 1.1.12...

RedhatCVE•added 2026/03/06 7:53 a.m.•3 views

CVE-2026-28123

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Veil veil allows PHP Local File Inclusion.This issue affects Veil: from n/a through = 1.9...

RedhatCVE•added 2026/03/06 7:53 a.m.•2 views

CVE-2026-22403

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Innovio innovio allows PHP Local File Inclusion.This issue affects Innovio: from n/a through = 1.9...