Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

363 matches found

Positive Technologies
Positive Technologiesadded 2026/05/26 12:0 a.m.6 views

PT-2026-43452

TL;DR This vulnerability affects all Kirby sites on Kirby 5.3.0-5.4.0 and is independent from setup conditions and authentication. This vulnerability is of high severity for all Kirby sites. ---- Introduction Path traversal is a type of attack that allows to access arbitrary filesystem paths. By...

8.8CVSS6AI score
Exploits0References4
EUVD
EUVDadded 2026/03/25 6:31 p.m.2 views

EUVD-2026-15499

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Greenville greenville allows PHP Local File Inclusion.This issue affects Greenville: from n/a through = 1.3.2...

5.8AI score0.00172EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/03/20 9:55 p.m.6 views

AVideo has an Unauthenticated Local File Inclusion in API locale (RCE possible with writable PHP)

Summary An unauthenticated API endpoint APIName=locale concatenates user input into an include path with no canonicalization or whitelist. Path traversal is accepted, so arbitrary PHP files under the web root can be included. In our test this yielded confirmed file disclosure and code execution o...

8.6CVSS6.5AI score0.00344EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/13 11:42 a.m.0 views

CVE-2026-32369

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Medilink-Core medilink-core allows PHP Local File Inclusion.This issue affects Medilink-Core: from n/a through 2.0.7...

5.8AI score0.0017EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/03/06 7:54 a.m.3 views

CVE-2026-28012

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Gridiron gridiron allows PHP Local File Inclusion.This issue affects Gridiron: from n/a through = 1.0.14...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/06 7:54 a.m.3 views

CVE-2026-28045

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX N7 | Golf Club Sports & Events n7-golf-club allows PHP Local File Inclusion.This issue affects N7 | Golf Club Sports & Events: from n/a through = 2.16.0...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/05 6:30 a.m.3 views

EUVD-2026-9769

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes smart SEO smartSEO allows PHP Local File Inclusion.This issue affects smart SEO: from n/a through = 2.9...

8.1CVSS5.9AI score0.00172EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/05 6:30 a.m.4 views

EUVD-2026-9709

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Police Department police-department allows PHP Local File Inclusion.This issue affects Police Department: from n/a through = 2.17...

8.1CVSS5.9AI score0.00172EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/05 6:30 a.m.4 views

EUVD-2026-9684

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Foodie foodie allows PHP Local File Inclusion.This issue affects Foodie: from n/a through = 1.14...

5.9AI score0.00172EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/05 6:30 a.m.5 views

EUVD-2026-9589

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes FindAll findall allows PHP Local File Inclusion.This issue affects FindAll: from n/a through = 1.4...

5.9AI score0.00172EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/05 6:30 a.m.3 views

EUVD-2026-9577

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Askka askka allows PHP Local File Inclusion.This issue affects Askka: from n/a through = 1.0...

5.9AI score0.00172EPSS
Exploits0References2
NVD
NVDadded 2026/03/05 6:16 a.m.2 views

CVE-2026-28032

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Tuning tuning allows PHP Local File Inclusion.This issue affects Tuning: from n/a through = 1.3...

8.1CVSS0.00172EPSS
Exploits0References1
NVD
NVDadded 2026/03/05 6:16 a.m.1 views

CVE-2026-27383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RadiusTheme Metro metro allows PHP Local File Inclusion.This issue affects Metro: from n/a through = 2.13...

8.1CVSS0.00056EPSS
Exploits0References1
NVD
NVDadded 2026/03/05 6:16 a.m.1 views

CVE-2026-27336

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, Accounting &...

8.1CVSS0.00172EPSS
Exploits0References1
NVD
NVDadded 2026/03/05 6:16 a.m.4 views

CVE-2026-27097

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Them...

8.1CVSS0.00056EPSS
Exploits1References1
NVD
NVDadded 2026/03/05 6:16 a.m.2 views

CVE-2026-22439

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Green Planet green-planet allows PHP Local File Inclusion.This issue affects Green Planet: from n/a through = 1.1.14...

8.1CVSS0.00172EPSS
Exploits0References1
NVD
NVDadded 2026/03/05 6:16 a.m.5 views

CVE-2026-22429

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Verdure verdure allows PHP Local File Inclusion.This issue affects Verdure: from n/a through = 1.6...

8.1CVSS0.00172EPSS
Exploits0References1
CVE
CVEadded 2026/03/05 5:54 a.m.6 views

CVE-2026-28062

CVE-2026-28062 affects the WordPress theme ThemeREX Happy Baby (happy-baby) up to version 1.2.12. It is an Unauthenticated Local File Inclusion vulnerability caused by improper control of filename for include/require statements in PHP. Consequences described in sources indicate possible exposure ...

8.1CVSS5.9AI score0.00172EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/05 5:54 a.m.3 views

CVE-2026-28029

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX EmojiNation emojination allows PHP Local File Inclusion.This issue affects EmojiNation: from n/a through = 1.0.12...

5.9AI score0.00172EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/03/05 12:0 a.m.4 views

WordPress plugin Scientia 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

8.1CVSS5.8AI score0.00172EPSS
Exploits0References1
Rows per page
Query Builder