PT-2025-33173 · Unknown · Geo Mashup

Name of the Vulnerable Software and Affected Versions: Geo Mashup versions through 1.13.16 Description: A flaw exists in the handling of filename control for include/require statements within a PHP program, specifically a PHP Local File Inclusion issue in Dylan Kuhn Geo Mashup. This allows for th...

WordPress plugin BeeTeam368 Extensions 安全漏洞

WordPress BeeTeam368 Extensions plugin is a WordPress plugin that is mainly used to extend the functionality of a website. The WordPress BeeTeam368 Extensions plugin suffers from a file inclusion vulnerability, which stems from improper control over the filename of an include or request statement...

WordPress plugin RT-Theme 18 | Extensions 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2025-33149 · Wp Royal Themes · News Magazine X

Name of the Vulnerable Software and Affected Versions: WP Royal Themes News Magazine X versions through 1.2.37 Description: A flaw exists in WP Royal Themes News Magazine X related to improper control of filename for include/require statements, leading to a PHP Local File Inclusion issue. This...

WordPress plugin Unicamp 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

The vulnerability of the usbnet_read_cmd() function in the include/linux/etherdevice.h library of Linux kernel allows a hacker to induce a service failure.

The vulnerability of the usbnetreadcmd function in the include/linux/etherdevice.h library of Linux kernel operating systems is a flaw in error handling. Exploiting this vulnerability could allow an attacker to cause service interruptions...

CVE-2012-10025

The WordPress plugin Advanced Custom Fields ACF version 3.5.1 and below contains a remote file inclusion RFI vulnerability in core/actions/export.php. When the PHP configuration directive allowurlinclude is enabled default: Off, an unauthenticated attacker can exploit the acfabspath POST paramete...

Exploit for OS Command Injection in Gnu Bash

This is an extension for Burp Suite, a web application security testing tool. The extension, named "ActiveScan++", extends Burp's active and passive scanning capabilities to identify application behavior that may be of interest to advanced testers. It includes checks for potential host header...

USN-7366-2 ruby-rack vulnerabilities

USN-7366-1 fixed vulnerabilities in Rack. This update provides the corresponding updates for Ubuntu 25.04. Original advisory details: Nhật Thái Đỗ discovered that Rack incorrectly handled certain usernames. A remote attacker could possibly use this issue to perform CRLF injection. CVE-2025-25184...

PHP Remote File Inclusion

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to PHP Remote File Inclusion via the ajaxform.php process. An attacker can execute arbitrary code on the server by...

PHP Remote File Inclusion

Overview dolibarr/dolibarr is a modern and easy to use web software to manage your business. Affected versions of this package are vulnerable to PHP Remote File Inclusion in the perms process of menu creation and editing, where user-supplied input is evaluated without sufficient filtering of...

CVE-2025-47627

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File Inclusion. This issue affects PrivateContent - Mail Actions: from n/a through 2.3.2...

CVE-2025-52816

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themehunk Zita allows PHP Local File Inclusion. This issue affects Zita: from n/a through 1.6.5...

CVE-2025-28946

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme PrintXtore allows PHP Local File Inclusion.This issue affects PrintXtore: from n/a before 1.7.8...

WordPress plugin Samex - Clean, Minimal Shop WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-49259

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through = 1.2.10...

Apache Traffic Server（ATS） 资源管理错误漏洞

Apache Traffic Server ATS is the United States Apache Apache Foundation's set of scalable HTTP proxy and caching server. A resource management error vulnerability exists in Apache Traffic Server ATS versions 10.0.0 through 10.0.5 and 9.0.0 through 9.2.10, which stems from the ESI plugin not...

Regular Expression Denial of Service (ReDoS) in AdamWeightDecay Optimizer

The AdamWeightDecay optimizer is vulnerable to Regular Expression Denial of Service ReDoS. If an attacker can control the patterns in the includeinweightdecay or excludefromweightdecay lists, they can provide a malicious regular expression that causes catastrophic backtracking. When the optimizer...

CVE-2025-47572

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in mojoomla School Management allows PHP Local File Inclusion. This issue affects School Management: from n/a through 93.0.0...

CVE-2025-49259 WordPress Hara <= 1.2.10 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara allows PHP Local File Inclusion. This issue affects Hara: from n/a through 1.2.10...