CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

561 matches found

Positive Technologies•added 2026/06/02 12:0 a.m.•11 views

PT-2026-45753

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes WaveRide allows PHP Local File Inclusion. This issue affects WaveRide: from n/a through 1.4...

8.1CVSS5.8AI score0.00334EPSS

Exploits0References2

RedhatCVE•added 2026/05/26 8:13 p.m.•16 views

CVE-2025-1782

In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated...

9.9CVSS7AI score0.00456EPSS

Exploits0References1

GithubExploit•added 2026/05/25 11:16 a.m.•70 views

dvwa_web_security_labs

DVWA Web Security Labs Project Description This project c...

6AI score

Exploits0

CVE•added 2026/05/02 2:0 p.m.•11 views

CVE-2026-7633

Totolink N300RH 6.1c.1353_B20190305 is affected by CVE-2026-7633 in the setUploadSetting function of /cgi-bin/cstecgi.cgi. Manipulating the FileName argument leads to file inclusion and may be exploitable remotely. Public exploit is reported; patch/version details are not provided in the sources.

6.9CVSS6.4AI score0.00329EPSS

Exploits0References5

RedhatCVE•added 2026/03/26 5:2 p.m.•1 views

CVE-2026-27076

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes LuxeDrive luxedrive allows PHP Local File Inclusion.This issue affects LuxeDrive: from n/a through = 1.0...

8.1CVSS5.8AI score0.00512EPSS

Exploits0References1

EUVD•added 2026/03/25 6:31 p.m.•2 views

EUVD-2026-15779

5.8AI score0.00512EPSS

Exploits0References2

NVD•added 2026/03/25 5:17 p.m.•4 views

CVE-2026-32504

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativeWS VintWood vintwood allows PHP Local File Inclusion.This issue affects VintWood: from n/a through = 1.1.8...

8.1CVSS0.00403EPSS

Exploits0References1

NVD•added 2026/03/25 5:16 p.m.•3 views

CVE-2026-22506

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Amoli amoli allows PHP Local File Inclusion.This issue affects Amoli: from n/a through = 1.0...

8.1CVSS0.00504EPSS

Exploits0References1

CNNVD•added 2026/03/11 12:0 a.m.•3 views

WellChoose IFTOP 安全漏洞

WellChoose IFTOP is a command-line network traffic monitoring tool for analyzing network traffic statistics, developed by WellChoose, a company based in Taiwan, China. WellChoose IFTOP has a security vulnerability, which stems from a local file inclusion vulnerability. This vulnerability could...

9.8CVSS6.3AI score0.00524EPSS

Exploits0References2

OSV•added 2026/03/09 4:16 p.m.•4 views

CVE-2025-70046

An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master...

9.8CVSS5.8AI score0.00359EPSS

Exploits0References3

NVD•added 2026/03/09 4:16 p.m.•3 views

CVE-2025-70046

An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master...

9.8CVSS0.00359EPSS

Exploits0References3

RedhatCVE•added 2026/03/06 7:54 a.m.•4 views

CVE-2026-28009

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX DroneX dronex allows PHP Local File Inclusion.This issue affects DroneX: from n/a through = 1.1.12...

8.1CVSS5.8AI score0.00403EPSS

Exploits0References1

EUVD•added 2026/03/05 6:30 a.m.•2 views

EUVD-2026-9745

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Gamezone gamezone allows PHP Local File Inclusion.This issue affects Gamezone: from n/a through = 1.1.11...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References2

EUVD•added 2026/03/05 6:30 a.m.•2 views

EUVD-2026-9738

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Windsor windsor allows PHP Local File Inclusion.This issue affects Windsor: from n/a through = 2.5.0...

8.1CVSS5.9AI score0.00415EPSS

Exploits0References2

NVD•added 2026/03/05 6:16 a.m.•3 views

CVE-2026-28018

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...

8.1CVSS0.00403EPSS

Exploits0References1

NVD•added 2026/03/05 6:16 a.m.•3 views

CVE-2026-22457

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local File Inclusion.This issue affects Wanderland: from n/a through = 1.5...

8.1CVSS0.00519EPSS

Exploits0References1

CVE•added 2026/03/05 5:54 a.m.•7 views

CVE-2026-28019

CVE-2026-28019 : In ThemeREX Manoir (WordPress theme), there is an issue described as Improper Control of Filename for Include/Require Statement in PHP Program, effectively a Local File Inclusion (LFI) vulnerability. The public description specifies exploitation related to PHP include/require fil...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

CVE•added 2026/03/05 5:53 a.m.•4 views

CVE-2026-22477

CVE-2026-22477 is a Local File Inclusion for the WordPress theme Felizia (AncoraThemes) and affects Felizia versions up to 1.3.4. The vulnerability arises from improper control of the filename used in PHP include/require, enabling local file inclusion. The NVD entry lists CVSS v3.1 base score 8.1...

8.1CVSS5.9AI score0.00403EPSS

Exploits0References1

Cvelist•added 2026/03/05 5:53 a.m.•32 views

CVE-2026-22477 WordPress Felizia theme <= 1.3.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Felizia felizia allows PHP Local File Inclusion.This issue affects Felizia: from n/a through = 1.3.4...

8.1CVSS0.00403EPSS

Exploits0References1

CNNVD•added 2026/03/05 12:0 a.m.•6 views

OpenClaw 安全漏洞

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw suffers from a file inclusion vulnerability. An attacker can exploit this vulnerability to read arbitrary files in the local file system...

8.2CVSS5.9AI score0.00292EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by