CVE-2024-50436

CVE-2024-50436 is a Local File Inclusion vulnerability in the WordPress Theme Clean Retina (Theme Horse)

PT-2024-34210

Name of the Vulnerable Software and Affected Versions: Theme Horse Meta News versions 1.1.7 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This is a type of vulnerability whe...

PT-2024-34275 · Unknown · Buynowdepot Advanced Online Ordering/Delivery Platform

Name of the Vulnerable Software and Affected Versions: BuyNowDepot Advanced Online Ordering and Delivery Platform versions n/a through 2.0.0 Description: The issue affects the BuyNowDepot Advanced Online Ordering and Delivery Platform, allowing for PHP Local File Inclusion due to an improper...

CVE-2024-49701

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Theme Horse Mags.This issue affects Mags: from n/a through 1.1.6...

WordPress plugin Mags 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Qi Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Security Bulletin: IBM Cognos Analytics Mobile (iOS) is affected by multiple vulnerabilities

Summary There are vulnerabilities in Open Source Software OSS libraries consumed by IBM Cognos Analytics Mobile. These issues have been addressed by upgrading or removing the vulnerable libraries. Additionally, vulnerabilites related to CORS misconfiguration and Certificate Pinning have been...

CVE-2024-49243

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0...

PT-2024-33381 · Elementor · Dynamic Elementor Addons

Name of the Vulnerable Software and Affected Versions: Dynamic Elementor Addons versions 1.0.0 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP...

PT-2025-2805 · Flxeon · Flxeon

Name of the Vulnerable Software and Affected Versions: FLXEON versions 9.3.4 and older Description: Network access can be used to execute arbitrary code with elevated privileges. This issue is related to incorrect handling of file names for PHP functions include or require, which may allow a remo...

CVE-2024-47643

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects Include Fussball.de Widgets: from n/a through = 4.0.0...

CVE-2024-47643

CVE-2024-47643 affects WordPress plugin Include Fussball.de Widgets

WordPress plugin Include Fussball.De Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

Optigo Networks ONS-S8 - Spectra Aggregation Switch

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...

WordPress Include Fussball.de Widgets plugin <= 4.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Include Fussball.de Widgets versions = 4.0.0...

WordPress Include Fussball.de Widgets Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Include Fussball.de Widgets Type Plugin Vulnerable versions = 4.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47643 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e228304d4067 Credits stealthcopter Required...

SUSE CVE-2024-8775

A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...

AZL-53180 CVE-2024-8775 affecting package ansible 2.14.18-1

A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...

DEBIAN-CVE-2024-8775

A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...

UBUNTU-CVE-2024-8775

A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...