CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

ATTACKERKB•added 2026/01/22 4:52 p.m.•1 views

CVE-2025-69037

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Pippo pippo allows PHP Local File Inclusion.This issue affects Pippo: from n/a through = 1.2.3...

8.1CVSS5.3AI score0.00222EPSS

Exploits0References2

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-4125

Name of the Vulnerable Software and Affected Versions Pippo versions through 1.2.3 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files...

5.3AI score0.00222EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 12:9 p.m.•3 views

CVE-2018-18240

Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict unmarshalling...

9.8CVSS7.8AI score0.02572EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-0537

Malware in sbrugna...

10CVSS9.3AI score0.04173EPSS

Exploits1References7

RedhatCVE•added 2025/05/22 3:27 a.m.•4 views

CVE-2018-18628

An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode calls ObjectInputStream.readObject to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPOSESSION...

10CVSS7.3AI score0.04173EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by