Lucene search
K

83 matches found

NVD
NVD
added 2026/07/04 8:16 a.m.6 views

CVE-2026-12194

PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations...

2.3CVSS0.00378EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/04 6:54 a.m.40 views

CVE-2026-12194 PHPIPAM Authenticated LFI

PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations...

2.3CVSS0.00378EPSS
Exploits0References2
CVE
CVE
added 2026/07/04 6:54 a.m.24 views

CVE-2026-12194

PHPIPAM is affected by an authenticated local file inclusion vulnerability that can allow API-authenticated users to include arbitrary PHP files on the server filesystem. The API is not enabled by default on installations. The CVSS metrics indicate a low-severity issue with network access, low ef...

2.3CVSS6.1AI score0.00378EPSS
Exploits0References2
NVD
NVD
added 2026/02/05 5:16 p.m.8 views

CVE-2020-37123

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters...

9.8CVSS0.03135EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-2019

Malware in sbrugna...

6.8CVSS6.1AI score0.03279EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-5897

Malware in sbrugna...

9.9CVSS8.9AI score0.02734EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2007-2177

Malware in sbrugna...

6.8CVSS6.4AI score0.04409EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-0829

Malware in sbrugna...

5CVSS6.4AI score0.09176EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-35456

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.00384EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-33938

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00738EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29674

Malicious code in bioql PyPI...

6.6CVSS6.4AI score0.00757EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/16 11:11 a.m.3 views

CVE-2025-8142 Soledad <= 8.6.7 - Authenticated (Contributor+) Local File Inclusion via 'header_layout'

The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'headerlayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the serve...

8.8CVSS7.9AI score0.00469EPSS
Exploits0References2
CVE
CVE
added 2025/06/23 8:48 p.m.60 views

CVE-2025-52562

Convoy CVE-2025-52562 describes an unauthenticated directory traversal vulnerability in the LocaleController affecting Convoy versions 3.9.0-rc3 through 4.4.0. Exploitation allows including and executing arbitrary PHP files on the server. The issue has been patched in version 4.4.1; a temporary w...

10CVSS9.8AI score0.01706EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:29 a.m.16 views

CVE-2024-30162

Invision Community through 4.7.16 allows remote code execution via the applications/core/modules/admin/editor/toolbar.php IPS\core\modules\admin\editor\toolbar::addPlugin method. This method handles uploaded ZIP files that are extracted into the...

7.2CVSS7.5AI score0.00701EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/04/28 9:14 a.m.20 views

CVE-2025-2101

The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumalllazyloadtemplate' AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the serve...

8.1CVSS8.3AI score0.00736EPSS
Exploits0References1
NVD
NVD
added 2024/12/05 6:15 a.m.16 views

CVE-2024-11429

The Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'stars-testimonials-with-slider-and-masonry-grid' shortcode. This makes it possible for...

8.8CVSS0.007EPSS
Exploits0References3
CVE
CVE
added 2024/11/21 2:6 a.m.55 views

CVE-2024-10898

CVE-2024-10898 affects the WordPress plugin Contact Form 7 Email Add on (

8.8CVSS8.9AI score0.01266EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/05/02 5:15 p.m.6 views

CVE-2024-3499

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the generatenavigationmarkup function of the Onepage Scroll module. This makes it possible for authenticated attackers, with contributor-level access and...

8.8CVSS6.3AI score0.01063EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/01/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2022-4328

The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server...

9.8CVSS7.4AI score0.04427EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/11/22 3:33 p.m.13 views

CVE-2023-5815 News & Blog Designer Pack – WordPress Blog Plugin <= 3.4.1 - Unauthenticated Remote Code Execution via Local File Inclusion

The News & Blog Designer Pack – WordPress Blog Plugin — Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry plugin for WordPress is vulnerable to Remote Code Execution via Local File Inclusion in all versions up to, and including, 3.4.1 via the bdpgetmorepost...

8.1CVSS7.7AI score0.04262EPSS
Exploits0References4
Rows per page
Query Builder