Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.38 views

EUVD-2025-9086

Malicious code in bioql PyPI...

9.8CVSS8.9AI score0.00736EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.3 views

PT-2025-27166 · Nicdark · Nicdark Hotel Booking

Name of the Vulnerable Software and Affected Versions: nicdark Hotel Booking versions n/a through 3.7 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...

7.5CVSS7AI score0.00477EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.4 views

PT-2025-27096 · Unknown · Thembay Puca

Name of the Vulnerable Software and Affected Versions: thembay Puca versions n/a through 2.6.33 Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion. This...

8.1CVSS7.5AI score0.00489EPSS
Exploits0References3
NVD
NVD
added 2025/06/17 3:15 p.m.6 views

CVE-2025-24761

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in snstheme DSK dsk allows PHP Local File Inclusion.This issue affects DSK: from n/a through 2.4...

8.1CVSS0.00489EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 3:1 p.m.10 views

CVE-2025-49253 WordPress Lasa theme <= 1.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Lasa lasa allows PHP Local File Inclusion.This issue affects Lasa: from n/a through = 1.1...

8.1CVSS0.00397EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 4:15 p.m.11 views

CVE-2025-39378

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows PHP Local File...

7.5CVSS0.00611EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.6 views

PT-2025-16317 · Unknown · Notfound Coming Soon

Name of the Vulnerable Software and Affected Versions: NotFound Coming Soon, Maintenance Mode versions n/a through 1.1.1 Description: The issue is related to Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This...

7.5CVSS7.9AI score0.0051EPSS
Exploits0References7
CVE
CVE
added 2024/10/28 7:53 p.m.50 views

CVE-2024-50436

CVE-2024-50436 is a Local File Inclusion vulnerability in the WordPress Theme Clean Retina (Theme Horse)

8.8CVSS5.9AI score0.00456EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/10/16 1:27 p.m.60 views

CVE-2024-49251

CVE-2024-49251 corresponds to a Local File Inclusion in the WordPress plugin Maan Addons For Elementor (

7.5CVSS5.9AI score0.00555EPSS
Exploits0References1
ICS
ICS
added 2024/10/01 6:0 a.m.30 views

Optigo Networks ONS-S8 - Spectra Aggregation Switch

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...

9.8CVSS10AI score0.00701EPSS
Exploits0References10
NVD
NVD
added 2024/06/10 4:15 p.m.31 views

CVE-2024-35650

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...

7.2CVSS0.00558EPSS
Exploits0References2
CVE
CVE
added 2024/06/10 3:43 p.m.51 views

CVE-2024-35650

The CVE CVE-2024-35650 concerns the MelaPress Login Security WordPress plugin. It is described as an authenticated (Admin+) PHP Remote File Inclusion vulnerability caused by improper control of the filename used in include/require statements. Affected software: Melapress Login Security versions u...

7.2CVSS5.9AI score0.00558EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2024/02/23 7:23 a.m.13 views

External Control Of Filename

phenx/php-svg-lib is vulnerable to External Control of Filename. The vulnerability is due to insecure handling of inline CSS font definitions, allowing an attacker to deserialize a PHAR file through the phar:// URL handler. Note that remote code execution is only possible on PHP versions less the...

8AI score
Exploits0
Core Security
Core Security
added 2017/12/19 12:0 a.m.562 views

Trend Micro Smart Protection Server Multiple Vulnerabilities

1. Advisory Information Title: Trend Micro Smart Protection Server Multiple Vulnerabilities Advisory ID: CORE-2017-0008 Advisory URL:https://www.coresecurity.com/core-labs/advisories/trend-micro-smart-protection-server-multiple-vulnerabilities Date published: 2017-12-19 Date of last update:...

9.8CVSS9.4AI score0.19369EPSS
Exploits10
Rows per page
Query Builder