26 matches found
CVE-2025-67995
Deserialization of Untrusted Data vulnerability in LoftOcean PatioTime patiotime allows Object Injection.This issue affects PatioTime: from n/a through 2.1...
CVE-2025-67992
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean PatioTime patiotime allows PHP Local File Inclusion.This issue affects PatioTime: from n/a through 2.1...
CVE-2025-67995
Deserialization of Untrusted Data vulnerability in LoftOcean PatioTime patiotime allows Object Injection.This issue affects PatioTime: from n/a through 2.1...
PT-2026-21060
Name of the Vulnerable Software and Affected Versions LoftOcean PatioTime versions prior to 2.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...
EUVD-2025-18523
Malicious code in bioql PyPI...
EUVD-2025-17673
Malicious code in bioql PyPI...
EUVD-2025-17672
Malicious code in bioql PyPI...
EUVD-2025-17665
Malicious code in bioql PyPI...
CVE-2025-49508
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean CozyStay cozystay allows PHP Local File Inclusion.This issue affects CozyStay: from n/a through 1.7.1...
CVE-2025-49508
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean CozyStay cozystay allows PHP Local File Inclusion.This issue affects CozyStay: from n/a through 1.7.1...
CVE-2025-49508
CVE-2025-49508 is an Unauthenticated Local File Inclusion in CozyStay WordPress Theme prior to version 1.7.1 due to improper control of filenames in Include/Require statements (PHP Remote File Inclusion). Affected: CozyStay
PT-2025-25714 · Unknown · Loftocean Cozystay
Name of the Vulnerable Software and Affected Versions: LoftOcean CozyStay affected versions not specified Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File...
CVE-2025-49454
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean TinySalt tinysalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a through 3.10.0...
CVE-2025-49507
Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay cozystay allows Object Injection.This issue affects CozyStay: from n/a through 1.7.1...
CVE-2025-49455
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ClickandPledge WordPress-WPJobBoard click-pledge-wpjobboard allows Blind SQL Injection.This issue affects WordPress-WPJobBoard: from n/a through = 25.07010000-WP6.8.1-JB5.11.5...
CVE-2025-49507
Deserialization of Untrusted Data vulnerability in LoftOcean CozyStay cozystay allows Object Injection.This issue affects CozyStay: from n/a through 1.7.1...
CVE-2025-49455
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ClickandPledge WordPress-WPJobBoard click-pledge-wpjobboard allows Blind SQL Injection.This issue affects WordPress-WPJobBoard: from n/a through = 25.07010000-WP6.8.1-JB5.11.5...
CVE-2025-49454
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LoftOcean TinySalt tinysalt allows PHP Local File Inclusion.This issue affects TinySalt: from n/a through 3.10.0...
CVE-2025-49454
CVE-2025-49454 is a Local File Inclusion in the LoftOcean TinySalt WordPress theme (pre-3.10.0) caused by improper control of filenames for PHP include/require statements. The vulnerability enables PHP Local File Inclusion due to referencing an attacker-controlled filename, as reported across mul...
CVE-2025-49455
CVE-2025-49455 affects LoftOcean TinySalt (WordPress Theme) prior to 3.10.0. The issue is described as a Deserialization of Untrusted Data vulnerability that enables Object Injection . The connected sources consistently identify TinySalt and specify the vulnerable version range as before 3.10.0, ...