Lucene search
K

2005 matches found

Nuclei
Nuclei
added 16 hours ago11 views

OpenCATS - Command Injection

OpenCATS prior to commit 3002a29 contains a command injection caused by injection of PHP statements into the installer AJAX endpoint's databaseConnectivity action parameter, letting unauthenticated attackers execute arbitrary code, exploit requires incomplete installation wizard. id: CVE-2026-277...

9.2CVSS6.3AI score0.22189EPSS
Exploits0References4
Nuclei
Nuclei
added 16 hours ago29 views

Ads Pro Plugin <= 4.89 - Local File Inclusion

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.89 via the 'bsatemplate' parameter of the bsapreviewcallback function. This makes it possible for unauthenticated attackers to includ...

9.8CVSS6.5AI score0.28162EPSS
Exploits1References2
Nuclei
Nuclei
added 16 hours ago183 views

Invision Community <=5.0.6 Unauthenticated RCE via Template Injection

Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller /applications/core/modules/front/system/themeeditor.php, where a protected method named customCss can be invoked by unauthenticated...

10CVSS7.5AI score0.84803EPSS
Exploits6References5
CVE
CVE
added 2 days ago15 views

CVE-2026-15338

CVE-2026-15338 concerns the LA-Studio Element Kit for Elementor plugin for WordPress. Affected: all versions up to 1.6.1. Issue: Local File Inclusion via the get_type_template function in the progress_type widget setting. Exploitation requires authenticated access at contributor level or higher, ...

7.5CVSS6.5AI score0.00565EPSS
Exploits0References7
CVE
CVE
added 4 days ago7 views

CVE-2026-13080

The CVE concerns the WordPress plugin WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell . It is vulnerable to Local File Inclusion (LFI) in all versions up to and including 3.12.7 via the logKey parameter. The issue can be exploited by an attacker with at least administr...

6.6CVSS6.5AI score0.0071EPSS
Exploits0References10
NVD
NVD
added 2026/07/03 10:16 a.m.8 views

CVE-2026-5137

The RTMKit rometheme-for-elementor plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.7 This is due to insufficient path validation on the 'template' parameter in the rendertemplates AJAX endpoint, which is used directly in a require/include statement...

4.3CVSS0.00266EPSS
Exploits0References5
NVD
NVD
added 2026/06/24 1:16 p.m.9 views

CVE-2026-12242

The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 5.17.7 via the 'banner' attribute of the adrotate shortcode. This is due to insufficient input validation and sanitization of the banner shortcode attribute before...

8.8CVSS0.00467EPSS
Exploits0References11
NVD
NVD
added 2026/06/22 2:17 p.m.13 views

CVE-2026-56446

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privileges could direct log output to a PHP file in a...

8.7CVSS0.00383EPSS
Exploits0References1
CVE
CVE
added 2026/06/20 11:57 a.m.550 views

CVE-2026-48908

CVE-2026-48908 affects the Joomla extension SP Page Builder (com_sppagebuilder). Reports and PoCs confirm unauthenticated file upload via the asset.uploadCustomIcon task, allowing arbitrary files to be written to the webroot and potentially executing PHP code. Affected versions are 1.0.0 through ...

10CVSS6.1AI score0.01569EPSS
In wildExploits6References5Affected Software1
EUVD
EUVD
added 2026/06/20 11:56 a.m.18 views

EUVD-2026-38109

A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution...

10CVSS6AI score0.01505EPSS
Exploits4References1
CVE
CVE
added 2026/06/20 11:56 a.m.166 views

CVE-2026-48939

The CVE-2026-48939 issue affects iCagenda/Joomla. The vulnerability is in the frontend event submission form’s file attachment feature, where missing access control and lack of file validation allow unauthenticated uploads that are written to a web‑accessible directory and can be executed as PHP,...

10CVSS6AI score0.01505EPSS
In wildExploits4References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.30 views

PT-2026-50843

Name of the Vulnerable Software and Affected Versions BetterDocs Pro versions prior to 3.8.1 Description The plugin is susceptible to Local File Inclusion, a condition where an application includes files on a local server unexpectedly. Unauthenticated attackers can exploit this via the doc style...

9.8CVSS6.2AI score0.00886EPSS
Exploits2References10
EUVD
EUVD
added 2026/06/18 6:0 a.m.10 views

EUVD-2026-37852

The MagicForm WordPress plugin through 0.1.3 does not properly validate the type of files uploaded through an unauthenticated AJAX action when a form's per-field extension allowlist is left empty, allowing unauthenticated attackers to upload PHP files and execute arbitrary code on the server...

6.5CVSS5.9AI score0.00215EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.10 views

Joomla! Extension 'JCE' < 2.9.99.5 Remote Code Execution

The version of the JCE Joomla Content Editor extension for the Joomla! application running on the remote host is prior to 2.9.99.5. It is, therefore, affected by an improper access control vulnerability. The extension allows the creation of new editor profiles for unauthenticated users, ultimatel...

10CVSS6.3AI score0.80425EPSS
Exploits19References3
GithubExploit
GithubExploit
added 2026/06/11 5:59 a.m.81 views

Exploit for Code Injection in Phpunit_Project Phpunit

CVE-2017-9841 — PHPUnit Remote Code Execution RCE PoC ⚠...

9.8CVSS8.4AI score0.99999EPSS
Exploits19
NVD
NVD
added 2026/06/09 1:16 p.m.17 views

CVE-2017-20251

WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...

9.8CVSS0.00559EPSS
Exploits1References3
CVE
CVE
added 2026/06/08 6:24 p.m.36 views

CVE-2026-52778

YesWiki (PHP-based wiki) exposes a vulnerability in the Bazar form field calculator (CalcField.php) present before version 4.6.6. The code attempts to sanitize user-defined mathematical formulas using a complex recursive regex prior to passing them to PHP eval(), creating a surface for Regular Ex...

9.8CVSS6AI score0.00561EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.13 views

WordPress plugin WP User Manager – User Profile Builder & Membership 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS5.6AI score0.02403EPSS
Exploits1References14
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.15 views

CVE-2026-38991

Cockpit 2.13.5 and earlier is affected by a misconfiguration within the Bucket component isFileTypeAllowed function where a specially crafted filename bypasses an extension filter. This allows an authenticated attacker to rename arbitrary files with the .php file extension enabling arbitrary code...

8.8CVSS5.7AI score0.00375EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.15 views

CVE-2026-7522

The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.1.0 via the 'template' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .ph...

8.8CVSS6.3AI score0.00755EPSS
Exploits0References1
Rows per page
Query Builder