Lucene search
K

1142 matches found

BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.6 views

The vulnerability of the Post Grid, Slider & Carousel Ultimate plugin of the WordPress content management system arises from improper handling of file names for PHP functions like include or require. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the Post Grid, Slider & Carousel plugin in the WordPress content management system is related to improper handling of file names for PHP functions like include or require. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to...

6.8CVSS7.7AI score0.00451EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/01/27 3:15 p.m.3 views

CVE-2025-24782

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows PHP Local File Inclusion. This issue affects Post Grid, Slider & Carousel Ultimate: from n/a through 1.6.10...

8.8CVSS5.8AI score0.00451EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.8 views

PT-2025-5226 · Unknown · Mihajlovic Nenad Improved Sale Badges

Name of the Vulnerable Software and Affected Versions: Mihajlovic Nenad Improved Sale Badges – Free Version versions 1.0.1 and earlier Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as PHP Remote File Inclusion, which...

8.1CVSS9.6AI score0.00853EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/22 12:0 a.m.8 views

PT-2025-5225 · Unknown · Webarea Background Animation Blocks

Name of the Vulnerable Software and Affected Versions: WebArea Background animation blocks versions 2.1.5 and earlier Description: The issue is related to improper control of filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local...

8.1CVSS9.5AI score0.00879EPSS
Exploits0References5
OSV
OSV
added 2025/01/07 11:15 a.m.6 views

CVE-2024-49649

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through 1.0.23...

9.8CVSS7.3AI score0.00564EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.4 views

WordPress plugin Ach Invoice App 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS8.3AI score0.00584EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/05 12:0 a.m.4 views

PT-2024-9184 · Abb · Abb Aspect +2

Name of the Vulnerable Software and Affected Versions: ABB ASPECT - Enterprise version 3.08.02 NEXUS Series version 3.08.02 MATRIX Series version 3.08.02 Description: The issue is related to Local File Inclusion vulnerabilities, which allow access to sensitive system information. This is due to...

8.8CVSS7.3AI score0.00331EPSS
Exploits0References8
OSV
OSV
added 2024/11/30 9:15 p.m.4 views

CVE-2024-53739

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4...

9.8CVSS7.3AI score0.00642EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.7 views

PT-2024-35338 · Shopready · Shopready

Name of the Vulnerable Software and Affected Versions: Shopready versions n/a through 3.5 Description: The issue affects the Shopready PHP application, allowing for PHP Local File Inclusion due to improper control of filename for include/require statement. This is related to a 'PHP Remote File...

7.5CVSS9.8AI score0.00692EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/28 12:0 a.m.4 views

WordPress plugin Pricing table addon for elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS8.3AI score0.00692EPSS
Exploits0References1
OSV
OSV
added 2024/11/18 3:15 p.m.3 views

CVE-2024-52428

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Scripteo Ads Booster by Ads Pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through 1.12...

9.8CVSS5.8AI score0.00509EPSS
Exploits0References1
OSV
OSV
added 2024/10/28 8:15 p.m.4 views

CVE-2024-50436

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Theme Horse Clean Retina.This issue affects Clean Retina: from n/a through 3.0.6...

8.8CVSS5.8AI score0.00456EPSS
Exploits0References1
OSV
OSV
added 2024/10/28 8:15 p.m.4 views

CVE-2024-50457

: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.6.3...

8.8CVSS5.8AI score0.00543EPSS
Exploits0References1
CVE
CVE
added 2024/10/28 7:53 p.m.49 views

CVE-2024-50436

CVE-2024-50436 is a Local File Inclusion vulnerability in the WordPress Theme Clean Retina (Theme Horse)

8.8CVSS5.9AI score0.00456EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/28 12:0 a.m.3 views

PT-2024-34210

Name of the Vulnerable Software and Affected Versions: Theme Horse Meta News versions 1.1.7 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This is a type of vulnerability whe...

8.8CVSS7.2AI score0.00456EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/23 12:0 a.m.4 views

WordPress plugin Mags 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS6.8AI score0.00456EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/18 12:0 a.m.4 views

PT-2024-33381 · Elementor · Dynamic Elementor Addons

Name of the Vulnerable Software and Affected Versions: Dynamic Elementor Addons versions 1.0.0 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP...

8.8CVSS7AI score0.00491EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/10/08 12:0 a.m.4 views

PT-2025-2805 · Flxeon · Flxeon

Name of the Vulnerable Software and Affected Versions: FLXEON versions 9.3.4 and older Description: Network access can be used to execute arbitrary code with elevated privileges. This issue is related to incorrect handling of file names for PHP functions include or require, which may allow a remo...

10CVSS8.2AI score0.04328EPSS
Exploits18References19
ICS
ICS
added 2024/10/01 6:0 a.m.30 views

Optigo Networks ONS-S8 - Spectra Aggregation Switch

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...

9.8CVSS10AI score0.00701EPSS
Exploits0References10
NVD
NVD
added 2024/06/10 4:15 p.m.31 views

CVE-2024-35650

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Melapress MelaPress Login Security melapress-login-security.This issue affects MelaPress Login Security: from n/a through = 1.3.0...

7.2CVSS0.00558EPSS
Exploits0References2
Rows per page
Query Builder