CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Packet Storm•added 2026/02/24 12:0 a.m.•104 views

📄 SPIP Saisies 5.11.0 Remote Code Execution

Proof of concept exploit for a PHP code injection vulnerability in the Saisies plugin for SPIP. The vulnerability allows an attacker to inject and execute arbitrary PHP code through the vulnerable parameter anciennesvaleurs. Versions 5.4.0 through 5.11.0 are affected. Written in PHP...

9.8CVSS6.1AI score0.85415EPSS

Exploits5

RedhatCVE•added 2026/01/08 3:15 a.m.•3 views

CVE-2025-69356

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows PHP Local File Inclusion.This issue affects TheGem Theme Elements for Elementor: from n/a through...

7.5CVSS7.1AI score0.00118EPSS

Exploits0References1

NVD•added 2026/01/06 5:15 p.m.•5 views

CVE-2025-69356

7.5CVSS0.00118EPSS

Exploits0References1

Cvelist•added 2026/01/06 4:36 p.m.•23 views

CVE-2025-69357 WordPress TheGem Theme Elements (for Elementor) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for Elementor thegem-elements-elementor allows Stored XSS.This issue affects TheGem Theme Elements for Elementor: from n/a through = 5.11.0...

6.5CVSS0.00024EPSS

Exploits0References1

CVE•added 2026/01/06 4:36 p.m.•11 views

CVE-2025-69356

CVE-2025-69356 refers to an authenticated Local File Inclusion in TheGem Theme Elements (for Elementor) from the TheGem Theme Elements family. The issue arises from Improper Control of Filename for Include/Require Statements in PHP, affecting TheGem Theme Elements (for Elementor) up to version 5....

7.5CVSS6.7AI score0.00118EPSS

Exploits0References1

Cvelist•added 2026/01/06 4:36 p.m.•22 views

CVE-2025-69360 WordPress TheGem Theme Elements (for WPBakery) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodexThemes TheGem Theme Elements for WPBakery thegem-elements allows DOM-Based XSS.This issue affects TheGem Theme Elements for WPBakery: from n/a through = 5.11.0...

6.5CVSS0.00024EPSS

Exploits0References1

Positive Technologies•added 2026/01/06 12:0 a.m.•3 views

PT-2026-1487

Name of the Vulnerable Software and Affected Versions CodexThemes TheGem Theme Elements for WPBakery versions through 5.11.0 Description TheGem Theme Elements for WPBakery contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting XSS...

6.5CVSS6.4AI score0.00024EPSS

Exploits0References4

Positive Technologies•added 2026/01/06 12:0 a.m.•21 views

PT-2026-1484

Name of the Vulnerable Software and Affected Versions CodexThemes TheGem Theme Elements for Elementor versions through 5.11.0 Description TheGem Theme Elements for Elementor contains a flaw related to improper control of filename for include/require statements, potentially leading to PHP Local Fi...

6.5AI score0.00118EPSS

Exploits0References4

OSV•added 2024/08/12 5:15 p.m.•3 views

CVE-2024-40500

Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component...

8.6CVSS7.2AI score0.02122EPSS

Exploits1References2

CNVD•added 2020/06/22 12:0 a.m.•1 views

Mattermost Server Input Validation Error Vulnerability (CNVD-2020-35438)

Mattermost Server is the United States Mattermost company's set of open source messaging platform. An input validation error vulnerability exists in Mattermost Server versions prior to 5.11.0, which stems from the program failing to properly generate invitation IDs.No details of the vulnerability...

7.5CVSS6.8AI score0.00241EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by