CVE-2025-23938

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CRUDLab Image Gallery Box by CRUDLab image-gallery-box-by-crudlab allows PHP Local File Inclusion.This issue affects Image Gallery Box by CRUDLab: from n/a through = 1.0.3...

EUVD-2025-3552

Malicious code in bioql PyPI...

CVE-2025-23938

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CRUDLab Image Gallery Box by CRUDLab image-gallery-box-by-crudlab allows PHP Local File Inclusion.This issue affects Image Gallery Box by CRUDLab: from n/a through = 1.0.3...

CVE-2025-23938

CVE-2025-23938 affects Image Gallery Box by CRUDLab (WordPress plugin). Red Hat and WordPress vulnerability data describe an Authenticated Local File Inclusion (LFI) caused by improper handling of filename includes in PHP, enabling access to local files via NotFound Image Gallery Box pages. Affec...

CVE-2025-23938 WordPress Image Gallery Box by CRUDLab Plugin <= 1.0.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CRUDLab Image Gallery Box by CRUDLab image-gallery-box-by-crudlab allows PHP Local File Inclusion.This issue affects Image Gallery Box by CRUDLab: from n/a through = 1.0.3...

PT-2025-5216 · Crudlab · Image Gallery Box

Name of the Vulnerable Software and Affected Versions: Image Gallery Box by CRUDLab versions n/a through 1.0.3 Description: The issue is related to improper control of filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File...

WordPress plugin Image Gallery Box by CRUDLab 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress Image Gallery Box by CRUDLab Plugin <= 1.0.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Image Gallery Box by CRUDLab versions = 1.0.3...

WordPress Gallery Box plugin <= 1.7.33 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Gallery Box versions = 1.7.33...

WordPress Gallery Box Plugin <= 1.7.33 is vulnerable to Cross Site Request Forgery (CSRF)

Software Gallery Box Type Plugin Vulnerable versions = 1.7.33 Fixed in 1.7.34 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32110 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f23c5a18d62c Credits Dhabaleshwar Das...

WordPress Gallery Box Plugin <= 1.7.30 is vulnerable to Cross Site Request Forgery (CSRF)

Software Gallery Box Type Plugin Vulnerable versions = 1.7.30 Fixed in 1.7.31 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID de0f4c50affe Credits István Márton Require...