4 matches found
CVE-2026-39613
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue affects Boutique: from n/a through = 2.3.3...
EUVD-2026-15655
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a through 2.4.6...
CVE-2026-25342
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kutethemes Boutique kute-boutique allows Reflected XSS.This issue affects Boutique: from n/a through 2.4.6...
PT-2026-27905
Name of the Vulnerable Software and Affected Versions kutethemes Boutique versions prior to 2.4.6 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a reflected cross-site scripting issue. This allows for the potential execution...