CVE-2026-22624

Technical details (affected product/components, versions, root cause, impact, and fixes) are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

WordPress Consulting Elementor Widgets plugin file inclusion vulnerability

WordPress Consulting Elementor Widgets plugin is a plugin for the Elementor page builder that allows users to add and customize website content with drag and drop functionality. A file inclusion vulnerability exists in the WordPress Consulting Elementor Widgets plugin, which stems from not...

WordPress plugin Consulting Elementor Widgets 安全漏洞

WordPress Consulting Elementor Widgets plugin is a plugin for the Elementor page builder that allows users to add and customize website content with drag and drop functionality. A file inclusion vulnerability exists in the WordPress Consulting Elementor Widgets plugin, which stems from not...

EUVD-2019-3802

Malware in sbrugna...

EUVD-2006-6450

Malware in sbrugna...

EUVD-2019-0282

Malware in sbrugna...

WordPress Plugin BizCalendar Web PHP Remote File Inclusion Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin BizCalendar Web 1.1.0.50 and previous versions of the PHP remote file inclusion...

WellChoose Organization Portal System File Inclusion Vulnerability

WellChoose Organization Portal System is an electronic directory service system from WellChoose in Taiwan, China. A file inclusion vulnerability exists in the WellChoose Organization Portal System, which can be exploited by an attacker to execute arbitrary code on the server due to a failure to...

SUSE CVE-2019-9809

If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for a denial of service DOS attack. This...

CuppaCMS alertLightbox.php file contains vulnerabilities

CuppaCMS is a content management system CMS, and a file inclusion vulnerability exists in CuppaCMS version 1.0. The vulnerability stems from the fact that the url parameter in /alerts/alertLightbox.php does not effectively filter calls to local file resources, which could be exploited to read loc...

WordPress Button Generator Plugin File Inclusion Vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The WordPress Button Generator Plugin has a file inclusion vulnerability prior to 2.3.3. The vulnerability stems from the fact that the plugin does not effectively filter calls to remote file...

VulnCheck KEV: CVE-2021-22899

Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles...

CVE-2019-16983

In FusionPBX up to v4.5.7, the file resources\paging.php has a paging function called by several pages of the interface, which uses an unsanitized "param" variable constructed partially from the URL args and reflected in HTML, leading to XSS...

Input validation

Lack of validation in the HTML parser in RealObjects PDFreactor before 10.1.10722 leads to SSRF, allowing attackers to access network or file resources on behalf of the server by supplying malicious HTML content...

CVE-2019-12153

RealObjects PDFreactor (before 10.1.10722) contains a flaw in its HTML parser that fails validation, enabling server-side request forgery (SSRF) by supplying malicious HTML content. The issue can allow an attacker to access network or file resources from the server. Public references indicate the...

CVE-2015-8953

A flaw was found in the Linux kernel's implementation of overlayfs. An attacker can leak file resources in the system by opening a large file with write permissions on a overlay filesystem that is insufficient to deal with the size of the write. When unmounting the underlying device, the system i...

Cisco ASA-CX Context-Aware Security appliance / Cisco Prime Security Manager DoS

File resources exhaustion...

Incorrect principal set for file: resources loaded via location bar — Mozilla

Security researchers Adam Barth and Collin Jackson reported that when a file: resource is loaded via the location bar it inherits the principal of the previously loaded document. This vulnerability can potentially give the newly loaded document additional privileges to access the contents of othe...

CVE-2006-6467

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not properly restrict access to SMB file resources, which allows remote attackers to gain unspecified file or directory access via vectors related to 1 visibility of the SMB "Home...