PT-2025-36782

Name of the Vulnerable Software and Affected Versions: uxper Sala versions n/a through 1.1.6 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue. This allows for the inclusion of remote files, potentiall...

PT-2025-36795

Name of the Vulnerable Software and Affected Versions: gavias Ziston affected versions not specified Description: The software contains an Improper Control of Filename for Include/Require Statement, leading to a PHP Local File Inclusion issue. This allows for the inclusion of local files within t...

PT-2025-36763

Name of the Vulnerable Software and Affected Versions: highwarden Super Store Finder versions through 6.9.7 Description: The software contains an Improper Control of Filename for Include/Require Statement 'PHP Remote File Inclusion' issue. Recommendations: Update to a version later than 6.9.7...

CVE-2025-58214

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Indutri indutri allows PHP Local File Inclusion.This issue affects Indutri: from n/a through 1.3.0...

CVE-2025-58214

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Indutri indutri allows PHP Local File Inclusion.This issue affects Indutri: from n/a through 1.3.0...

CVE-2025-58206

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove MaxCoach maxcoach allows PHP Local File Inclusion.This issue affects MaxCoach: from n/a through = 3.2.5...

CVE-2025-58206

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove MaxCoach allows PHP Local File Inclusion. This issue affects MaxCoach: from n/a through 3.2.5...

CVE-2025-58206 WordPress MaxCoach Theme <= 3.2.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove MaxCoach maxcoach allows PHP Local File Inclusion.This issue affects MaxCoach: from n/a through = 3.2.5...

CVE-2025-58637

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in immonex immonex Kickstart immonex-kickstart allows PHP Local File Inclusion.This issue affects immonex Kickstart: from n/a through = 1.11.6...

PT-2025-36255

Name of the Vulnerable Software and Affected Versions: gavias Indutri versions prior to 1.3.0 Description: The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion. Recommendation...

CVE-2025-9920 Campcodes Recruitment Management System index.php include file inclusion

A security flaw has been discovered in Campcodes Recruitment Management System 1.0. This impacts the function include of the file /admin/index.php. The manipulation of the argument page results in file inclusion. It is possible to launch the attack remotely. The exploit has been released to the...

CVE-2025-58637

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in immonex immonex Kickstart immonex-kickstart allows PHP Local File Inclusion.This issue affects immonex Kickstart: from n/a through = 1.11.6...

CVE-2025-58608 WordPress MediaPress Plugin <= 1.5.9.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BuddyDev MediaPress mediapress allows PHP Local File Inclusion.This issue affects MediaPress: from n/a through = 1.5.9.1...

CVE-2025-9260

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to PHP Object Injection in versions 5.1.16 to 6.1.1 via deserialization of untrusted input in the parseUserProperties function. This makes it possible for authenticated...

PT-2025-35766

Name of the Vulnerable Software and Affected Versions immonex Kickstart versions through 1.11.6 Description The software contains an Improper Control of Filename for Include/Require Statement vulnerability, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion...

PT-2025-35742

Name of the Vulnerable Software and Affected Versions: BuddyDev MediaPress versions through 1.5.9.1 Description: The software contains an Improper Control of Filename for Include/Require Statement, also known as a PHP Remote File Inclusion issue, which allows for PHP Local File Inclusion...

Linux Distros Unpatched Vulnerability : CVE-2023-5550

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server...

CVE-2025-47696

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through = 3.4.7...

Linux Distros Unpatched Vulnerability : CVE-2024-34002

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore feedback modules...

Linux Distros Unpatched Vulnerability : CVE-2024-34005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user with both access to restore database activity...