CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/03/26 3:1 p.m.•1 views

CVE-2026-27093

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Tripgo tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a through 1.5.6...

8.1CVSS5.9AI score0.00172EPSS

EUVD•added 2026/03/25 6:31 p.m.•3 views

EUVD-2026-15783

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Emaurri emaurri allows PHP Local File Inclusion.This issue affects Emaurri: from n/a through = 1.0.1...

5.8AI score0.00056EPSS

NVD•added 2026/03/25 5:16 p.m.•1 views

CVE-2026-27081

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Rosebud rosebud allows PHP Local File Inclusion.This issue affects Rosebud: from n/a through = 1.4...

ATTACKERKB•added 2026/03/25 4:15 p.m.•0 views

CVE-2026-32504

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativeWS VintWood vintwood allows PHP Local File Inclusion.This issue affects VintWood: from n/a through = 1.1.8...

5.8AI score0.00172EPSS

Cvelist•added 2026/03/25 4:14 p.m.•22 views

CVE-2026-22513 WordPress Triompher theme <= 1.1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Triompher triompher allows PHP Local File Inclusion.This issue affects Triompher: from n/a through = 1.1.0...

CVE•added 2026/03/25 4:14 p.m.•5 views

CVE-2026-22515

CVE-2026-22515 targets the VegaDays Vegadays WordPress theme (

Positive Technologies•added 2026/03/25 12:0 a.m.•3 views

PT-2026-28019

Name of the Vulnerable Software and Affected Versions CreativeWS Kiddy versions through 2.0.8 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References3

Positive Technologies•added 2026/03/25 12:0 a.m.•2 views

PT-2026-27931

Name of the Vulnerable Software and Affected Versions LoveDate versions prior to 3.8.6 Description A flaw exists in the handling of filenames used in include/require statements within the PHP program LoveDate. This can lead to a PHP Local File Inclusion issue. The issue allows for the inclusion o...

RedhatCVE•added 2026/03/06 7:54 a.m.•2 views

Exploits0References3

CVE-2026-27990

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX ConFix confix allows PHP Local File Inclusion.This issue affects ConFix: from n/a through = 1.013...

RedhatCVE•added 2026/03/06 7:54 a.m.•3 views

CVE-2026-27383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through = 2.13...

8.1CVSS5.8AI score0.00056EPSS

RedhatCVE•added 2026/03/06 7:54 a.m.•1 views

CVE-2026-28069

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Le Truffe letruffe allows PHP Local File Inclusion.This issue affects Le Truffe: from n/a through = 1.1.7...

RedhatCVE•added 2026/03/06 7:53 a.m.•1 views

CVE-2026-28024

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Helion helion allows PHP Local File Inclusion.This issue affects Helion: from n/a through = 1.1.12...

RedhatCVE•added 2026/03/06 7:53 a.m.•2 views

CVE-2026-22403

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Innovio innovio allows PHP Local File Inclusion.This issue affects Innovio: from n/a through = 1.9...

RedhatCVE•added 2026/03/06 7:53 a.m.•0 views

CVE-2026-22435

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes ElectroServ electroserv allows PHP Local File Inclusion.This issue affects ElectroServ: from n/a through = 1.3.2...

RedhatCVE•added 2026/03/06 7:52 a.m.•0 views

CVE-2026-22477

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Felizia felizia allows PHP Local File Inclusion.This issue affects Felizia: from n/a through = 1.3.4...

EUVD•added 2026/03/05 6:30 a.m.•1 views

EUVD-2026-9671

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX DroneX dronex allows PHP Local File Inclusion.This issue affects DroneX: from n/a through = 1.1.12...

5.9AI score0.00172EPSS

EUVD•added 2026/03/05 6:30 a.m.•3 views

EUVD-2026-9656

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX OsTende ostende allows PHP Local File Inclusion.This issue affects OsTende: from n/a through = 1.4.3...

5.9AI score0.00172EPSS

NVD•added 2026/03/05 6:16 a.m.•2 views

CVE-2026-28129

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Little Birdies little-birdies allows PHP Local File Inclusion.This issue affects Little Birdies: from n/a through = 1.3.16...

NVD•added 2026/03/05 6:16 a.m.•1 views

CVE-2026-28059

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Dermatology Clinic dermatology-clinic allows PHP Local File Inclusion.This issue affects Dermatology Clinic: from n/a through = 1.4.3...