CVE-2024-52427

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.11...

CVE-2024-52427

Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through = 2.3.11...

CVE-2024-52427 WordPress Event Tickets with Ticket Scanner plugin <= 2.3.11 - Remote Code Execution (RCE) vulnerability

Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through = 2.3.11...

PT-2024-35267 · Unknown · Event Tickets With Ticket Scanner

Name of the Vulnerable Software and Affected Versions: Event Tickets with Ticket Scanner versions 2.3.11 and earlier Description: The issue affects Event Tickets with Ticket Scanner, allowing Server Side Include SSI Injection due to improper neutralization of special elements used in a template...

CVE-2024-50436

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Theme Horse Clean Retina.This issue affects Clean Retina: from n/a through 3.0.6...

CVE-2024-50457

: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.6.3...

CVE-2024-50436

CVE-2024-50436 is a Local File Inclusion vulnerability in the WordPress Theme Clean Retina (Theme Horse)

PT-2024-34210

Name of the Vulnerable Software and Affected Versions: Theme Horse Meta News versions 1.1.7 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion'. This is a type of vulnerability whe...

PT-2024-34275 · Unknown · Buynowdepot Advanced Online Ordering/Delivery Platform

Name of the Vulnerable Software and Affected Versions: BuyNowDepot Advanced Online Ordering and Delivery Platform versions n/a through 2.0.0 Description: The issue affects the BuyNowDepot Advanced Online Ordering and Delivery Platform, allowing for PHP Local File Inclusion due to an improper...

CVE-2024-49701

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Theme Horse Mags.This issue affects Mags: from n/a through 1.1.6...

WordPress plugin Mags 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Qi Blocks 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Security Bulletin: IBM Cognos Analytics Mobile (iOS) is affected by multiple vulnerabilities

Summary There are vulnerabilities in Open Source Software OSS libraries consumed by IBM Cognos Analytics Mobile. These issues have been addressed by upgrading or removing the vulnerable libraries. Additionally, vulnerabilites related to CORS misconfiguration and Certificate Pinning have been...

CVE-2024-49243

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0...

PT-2024-33381 · Elementor · Dynamic Elementor Addons

Name of the Vulnerable Software and Affected Versions: Dynamic Elementor Addons versions 1.0.0 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP...

PT-2025-2805 · Flxeon · Flxeon

Name of the Vulnerable Software and Affected Versions: FLXEON versions 9.3.4 and older Description: Network access can be used to execute arbitrary code with elevated privileges. This issue is related to incorrect handling of file names for PHP functions include or require, which may allow a remo...

CVE-2024-47643

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects Include Fussball.de Widgets: from n/a through = 4.0.0...

CVE-2024-47643

CVE-2024-47643 affects WordPress plugin Include Fussball.de Widgets

WordPress plugin Include Fussball.De Widgets 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

Optigo Networks ONS-S8 - Spectra Aggregation Switch

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...