Lucene search
K

857 matches found

CVE
CVE
added yesterday13 views

CVE-2026-12194

PHPIPAM is affected by an authenticated local file inclusion vulnerability that can allow API-authenticated users to include arbitrary PHP files on the server filesystem. The API is not enabled by default on installations. The CVSS metrics indicate a low-severity issue with network access, low ef...

2.3CVSS6.1AI score0.00378EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:26 p.m.4 views

CVE-2026-48945

The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 5:56 p.m.39 views

CVE-2026-45135

CVE-2026-45135 (Caddy) describes two Unicode bypass flaws in the FastCGI splitPos logic (modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go) that mis-use golang.org/x/text/search with IgnoreCase when a non-ASCII byte appears in the request path. This can cause a non-.php file to be treated as a sc...

8.1CVSS6.5AI score0.00399EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/20 1:37 p.m.5 views

CVE-2022-50972

WooCommerce 7.1.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary PHP code by injecting shell commands through the product-type parameter. Attackers can send requests to the class-wc-meta-box-product-images.php endpoint with unsanitized product-type value...

9.8CVSS6.8AI score0.00629EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/20 1:37 p.m.10 views

EUVD-2022-56008

WooCommerce 7.1.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary PHP code by injecting shell commands through the product-type parameter. Attackers can send requests to the class-wc-meta-box-product-images.php endpoint with unsanitized product-type value...

9.8CVSS6.8AI score0.00629EPSS
Exploits0References3
NVD
NVD
added 2026/06/13 7:16 a.m.18 views

CVE-2026-9062

The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-privileged users such as administrators to read arbitrary .php files from the server, including configuration files that contain database credentials and authentication keys...

3.4CVSS0.00248EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/13 6:0 a.m.7 views

CVE-2026-9062 Agile Store Locator < 1.6.9 - Admin+ Arbitrary File Read via Path Traversal

The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-privileged users such as administrators to read arbitrary .php files from the server, including configuration files that contain database credentials and authentication keys...

5.5AI score0.00248EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 6:16 p.m.12 views

CVE-2026-45062

FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an attacker mislead...

8.1CVSS0.00568EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 5:38 p.m.19 views

CVE-2026-45062

CVE-2026-45062 affects FrankenPHP (versions 1.11.2–1.12.2). The vulnerability arises in the CGI path splitting logic (splitPos in cgi.go), where fallback matching uses golang.org/x/text/search with ignore-case, and engages when the request path contains non-ASCII bytes. Two flaws enable an attack...

8.1CVSS6.2AI score0.00568EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 5:38 p.m.42 views

CVE-2026-45062 FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files

FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an attacker mislead...

8.1CVSS0.00568EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 5:38 p.m.9 views

EUVD-2026-36075

FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the request path contains a non-ASCII byte. Two distinct flaws in that fallback let an attacker mislead...

8.1CVSS6.2AI score0.00568EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 1:16 p.m.15 views

CVE-2017-20251

WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...

9.8CVSS0.00559EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/09 11:48 a.m.10 views

EUVD-2017-18977

WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes through the WordPress REST API. Attackers can send POST requests to the wp-json/wp/v2/posts endpoint...

9.8CVSS6.1AI score0.00559EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/08 1:55 a.m.46 views

CVE-2024-58348 WordPress Background Image Cropper 1.2 Remote Code Execution

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS0.00838EPSS
Exploits0References4
CVE
CVE
added 2026/06/08 1:55 a.m.26 views

CVE-2023-54350

Affected software: WordPress Augmented-Reality plugin. Vulnerability: remote code execution via the elFinder connector. Access/Impact: unauthenticated attackers can upload and execute arbitrary PHP files on the server. How it exploits: POST to connector.minimal.php with mkfile and put commands to...

8.7CVSS6.7AI score0.00532EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.11 views

CVE-2026-41587

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. From version 0.26.0.0 to before version 0.31.7.0, a theme upload feature allows any authenticated backend user with theme-upload permission to achieve remo...

8.6CVSS6.2AI score0.00501EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 4:16 p.m.18 views

CVE-2026-39276

The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP code. By uploading a malicious ZIP archive containing directory traversal sequences in filenames, an attacker can overwrite default template files or...

7.2CVSS0.00782EPSS
Exploits1References2
NVD
NVD
added 2026/05/29 4:16 p.m.14 views

CVE-2018-25388

HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through multiple endpoints including aksifoto.php, aksiuser.php, and aksikecamatan.php to execute arbitrary...

8.8CVSS0.00519EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/29 2:46 p.m.13 views

EUVD-2018-21910

HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through multiple endpoints including aksifoto.php, aksiuser.php, and aksikecamatan.php to execute arbitrary...

8.8CVSS6.3AI score0.00519EPSS
Exploits0References4
CVE
CVE
added 2026/05/29 12:42 p.m.21 views

CVE-2026-44239

Affected software : FreePBX Dashboard module (Dashboard getcontent AJAX handler). Vulnerability : Prior to 16.0.22 and 17.0.5, the handler includes PHP files based on unsanitized user input, concatenating $_REQUEST['rawname'] into an include() call with a .class.php suffix. This enables path trav...

8.8CVSS6AI score0.00272EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder