Lucene search
K

21 matches found

RedhatCVE
RedhatCVE
added 2026/03/06 7:53 a.m.3 views

CVE-2026-28046

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through = 3.3.0...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/05 6:30 a.m.4 views

EUVD-2026-9706

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through = 3.3.0...

5.9AI score0.00403EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 6:16 a.m.4 views

CVE-2026-28046

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through = 3.3.0...

8.1CVSS0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:54 a.m.30 views

CVE-2026-28046 WordPress Law Office theme <= 3.3.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through = 3.3.0...

8.1CVSS0.00403EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:54 a.m.11 views

CVE-2026-28046

CVE-2026-28046 is a Local File Inclusion vulnerability in the WordPress WordPress Law Office theme (ThemeREX Law Office) affecting versions up to 3.3.0. The issue stems from improper control of filenames in PHP include/require, enabling potential local file access via a network-exposed vector. Th...

8.1CVSS5.9AI score0.00403EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:54 a.m.4 views

CVE-2026-28046 WordPress Law Office theme <= 3.3.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through = 3.3.0...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.5 views

PT-2026-23326

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through = 3.3.0...

5.9AI score0.00403EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Law Office 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/02 11:27 a.m.5 views

WordPress Law Office theme <= 3.3.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Law Office versions = 3.3.0...

8.1CVSS5.9AI score0.00403EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:21 a.m.10 views

CVE-2024-44430

SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the kortexlite/control/registercase.php interface...

9.8CVSS9.7AI score0.00676EPSS
Exploits1References1
NVD
NVD
added 2024/09/13 8:15 p.m.25 views

CVE-2024-44430

SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the kortexlite/control/registercase.php interface...

9.8CVSS0.00676EPSS
Exploits1References2
CVE
CVE
added 2024/09/13 12:0 a.m.55 views

CVE-2024-44430

CVE-2024-44430 describes an SQL Injection vulnerability in the Best Free Law Office Management Software v1.0, exploitable via the korteX_lite/control/register_case.php interface. The affected component appears to be the web-facing register_case entry point, enabling an attacker to execute arbitra...

9.8CVSS8.2AI score0.00676EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/13 12:0 a.m.4 views

PT-2024-31152 · Unknown · Best Free Law Office Management

Name of the Vulnerable Software and Affected Versions: Best Free Law Office Management Software version 1.0 Description: The issue allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the "kortex lite/control/register case.php" interface. This...

9.8CVSS7.6AI score0.00676EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/09/13 12:0 a.m.22 views

CVE-2024-44430

SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the kortexlite/control/registercase.php interface...

0.00676EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2023/12/25 5:36 a.m.8 views

lawoffice.com.es Improper Access Control vulnerability OBB-3822512

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/05/10 5:4 p.m.15 views

prinzlawoffice.com Cross Site Scripting vulnerability OBB-3317458

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/10/25 12:0 a.m.24 views

VirtualLawOffice.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Virtual Law Office phpcrootpath Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Author: xoron Tum islam aleminin Ramazan Bayrami...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2006/10/21 12:0 a.m.20 views

Virtual Law Office (phpc_root_path) Remote File Include Vulnerabilities

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Virtual Law Office phpcrootpath Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Author: xoron...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/10/21 12:0 a.m.14 views

Virtual Law Office - phpc_root_path Remote File Inclusion

Virtual Law Office - phpcrootpath Remote File Inclusion -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Virtual Law Office phpcrootpath Remote File Include Vulnerability...

7.5AI score
Exploits0
Cvelist
Cvelist
added 2005/02/12 5:0 a.m.22 views

CVE-2004-1423

Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office VLO and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpcrootpath parameter to 1 includes/calendar.ph...

7.6AI score0.15469EPSS
Exploits3References12
Rows per page
Query Builder