14 matches found
EUVD-2025-9086
Malicious code in bioql PyPI...
PT-2025-27166 · Nicdark · Nicdark Hotel Booking
Name of the Vulnerable Software and Affected Versions: nicdark Hotel Booking versions n/a through 3.7 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...
PT-2025-27096 · Unknown · Thembay Puca
Name of the Vulnerable Software and Affected Versions: thembay Puca versions n/a through 2.6.33 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This...
CVE-2025-24761
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in snstheme DSK dsk allows PHP Local File Inclusion.This issue affects DSK: from n/a through 2.4...
CVE-2025-49253 WordPress Lasa theme <= 1.1 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Lasa lasa allows PHP Local File Inclusion.This issue affects Lasa: from n/a through = 1.1...
CVE-2025-39378
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows PHP Local File...
PT-2025-16317 · Unknown · Notfound Coming Soon
Name of the Vulnerable Software and Affected Versions: NotFound Coming Soon, Maintenance Mode versions n/a through 1.1.1 Description: The issue is related to Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This...
CVE-2024-50436
CVE-2024-50436 is a Local File Inclusion vulnerability in the WordPress Theme Clean Retina (Theme Horse)
CVE-2024-49251
CVE-2024-49251 corresponds to a Local File Inclusion in the WordPress plugin Maan Addons For Elementor (
Optigo Networks ONS-S8 - Spectra Aggregation Switch
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...
CVE-2024-35650
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...
CVE-2024-35650
The CVE CVE-2024-35650 concerns the MelaPress Login Security WordPress plugin. It is described as an authenticated (Admin+) PHP Remote File Inclusion vulnerability caused by improper control of the filename used in include/require statements. Affected software: Melapress Login Security versions u...
External Control Of Filename
phenx/php-svg-lib is vulnerable to External Control of Filename. The vulnerability is due to insecure handling of inline CSS font definitions, allowing an attacker to deserialize a PHAR file through the phar:// URL handler. Note that remote code execution is only possible on PHP versions less the...
Trend Micro Smart Protection Server Multiple Vulnerabilities
1. Advisory Information Title: Trend Micro Smart Protection Server Multiple Vulnerabilities Advisory ID: CORE-2017-0008 Advisory URL:https://www.coresecurity.com/core-labs/advisories/trend-micro-smart-protection-server-multiple-vulnerabilities Date published: 2017-12-19 Date of last update:...