Lucene search
+L

7243 matches found

nuclei
nuclei
added yesterday66 views

elFinder < 2.1.58 - Remote Code Execution

studio-42/elfinder before 2.1.58 contains a remote code execution caused by execution of PHP code in a .phar file, letting attackers execute arbitrary PHP code if the server parses .phar files as PHP, exploit requires server to parse .phar files as PHP. id: CVE-2021-23394 info: name: elFinder...

9.8CVSS7.5AI score0.19083EPSS
Exploits1References4
nuclei
nuclei
added yesterday30 views

Ads Pro Plugin <= 4.89 - Local File Inclusion

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.89 via the 'bsatemplate' parameter of the bsapreviewcallback function. This makes it possible for unauthenticated attackers to includ...

9.8CVSS6.5AI score0.28162EPSS
Exploits1References2
nuclei
nuclei
added yesterday61 views

Shield Security WP Plugin <= 18.5.9 - Local File Inclusion

The Shield Security Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and execute PHP fil...

9.8CVSS7.2AI score0.56567EPSS
Exploits0References3
nuclei
nuclei
added yesterday114 views

HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6.5 via the 'template' parameter of the wooftextsearch AJAX action. This makes it possible for unauthenticated attackers to include and...

9.8CVSS7.4AI score0.54756EPSS
Exploits2References5
nuclei
nuclei
added yesterday115 views

Citrix SD-WAN Center - Local File Inclusion

Citrix SD-WAN Center is susceptible to local file inclusion via the applianceSettingsFileTransfer function in ApplianceSettingsController. The function does not sufficiently validate or sanitize HTTP request parameter values used to construct a file system path. An attacker can trigger this...

10CVSS7.2AI score0.39335EPSS
Exploits1References4
nuclei
nuclei
added yesterday12 views

OpenCATS - Command Injection

OpenCATS prior to commit 3002a29 contains a command injection caused by injection of PHP statements into the installer AJAX endpoint's databaseConnectivity action parameter, letting unauthenticated attackers execute arbitrary code, exploit requires incomplete installation wizard. id: CVE-2026-277...

9.2CVSS6.3AI score0.22189EPSS
Exploits0References4
nuclei
nuclei
added yesterday83 views

MetInfo CMS <= 8.1 - Remote Code Execution

MetInfo CMS 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability caused by insufficient input neutralization in the execution path, letting remote attackers execute arbitrary code remotely, exploit requires crafted requests. id: CVE-2026-29014 info: name: MetInfo CMS = 8....

9.8CVSS7.4AI score0.39688EPSS
Exploits4References3
cvelist
cvelist
added 3 days ago36 views

CVE-2026-46640 Twig: Arbitrary PHP code execution via `_self.(<string>)` macro-reference compilation

Twig is a template language for PHP. From 3.15.0 until 3.26.0, self. and import-alias dynamic attribute syntax can concatenate an attacker-controlled string into a MacroReferenceExpression name without identifier validation, causing raw PHP to be emitted into the generated template source and...

8.7CVSS0.00405EPSS
Exploits0References3
cve
cve
added 3 days ago41 views

CVE-2026-46640

CVE-2026-46640 — Twig (PHP template engine) : The issue affects Twig 3.15.0 through 3.26.0 where _self.() and import-alias dynamic attribute syntax can concatenate attacker-controlled strings into a MacroReferenceExpression name, bypassing identifier validation and causing raw PHP to be emitted a...

8.8CVSS6.1AI score0.00405EPSS
Exploits0References3Affected Software1
nuclei
nuclei
added 4 days ago184 views

Invision Community <=5.0.6 Unauthenticated RCE via Template Injection

Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller /applications/core/modules/front/system/themeeditor.php, where a protected method named customCss can be invoked by unauthenticated...

10CVSS7.5AI score0.84852EPSS
Exploits6References5
cve
cve
added 6 days ago19 views

CVE-2026-15338

CVE-2026-15338 concerns the LA-Studio Element Kit for Elementor plugin for WordPress. Affected: all versions up to 1.6.1. Issue: Local File Inclusion via the get_type_template function in the progress_type widget setting. Exploitation requires authenticated access at contributor level or higher, ...

7.5CVSS6.5AI score0.00565EPSS
Exploits0References7
cvelist
cvelist
added 6 days ago36 views

CVE-2026-15338 LA-Studio Element Kit for Elementor <= 1.6.1 - Authenticated (Contributor+) Local File Inclusion via 'progress_type' Widget Setting

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.1 via the gettypetemplate function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...

7.5CVSS0.00565EPSS
Exploits0References7
cvelist
cvelist
added last week31 views

CVE-2026-9726 Drupal AlternativeCommerce (Basket) - Highly critical - Arbitrary PHP code execution - SA-CONTRIB-2026-038

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal AlternativeCommerce Basket allows Object Injection. This issue affects Drupal AlternativeCommerce Basket versions: from 0.0.0 to 2.1.17...

0.00313EPSS
Exploits0References1
osv
osv
added 2026/07/09 11:17 p.m.5 views

DEBIAN-CVE-2026-59856

Vim is an open source, command line text editor. Prior to 9.2.0736, the PHP omni-completion script in runtime/autoload/phpcomplete.vim interpolates a class or trait name, taken from the contents of the edited buffer, into a search pattern that is run via winexecute without escaping. A name...

7.8CVSS6.3AI score0.00169EPSS
Exploits1References1
cve
cve
added 2026/07/09 6:52 a.m.7 views

CVE-2026-13080

The CVE concerns the WordPress plugin WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell . It is vulnerable to Local File Inclusion (LFI) in all versions up to and including 3.12.7 via the logKey parameter. The issue can be exploited by an attacker with at least administr...

6.6CVSS6.5AI score0.0071EPSS
Exploits0References10
ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.8 views

PT-2026-57013

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0736 Description The PHP omni-completion script in runtime/autoload/phpcomplete.vim fails to escape class or trait names taken from the edited buffer before interpolating them into a search pattern executed via win...

8.4CVSS6.4AI score0.00169EPSS
Exploits1References17
osv
osv
added 2026/07/06 9:38 p.m.4 views

CVE-2026-43921 FOSSBilling vulnerable to arbitrary PHP code injection via unescaped config serialization

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.10 through 0.7.2 have a PHP code injection vulnerability in FOSSBilling's Config::prettyPrintArrayToPHP method. When configuration values are updated, string values are written into config.php without escaping...

8.9CVSS6.2AI score0.00274EPSS
Exploits0References3
nvd
nvd
added 2026/07/03 10:16 a.m.8 views

CVE-2026-5137

The RTMKit rometheme-for-elementor plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.7 This is due to insufficient path validation on the 'template' parameter in the rendertemplates AJAX endpoint, which is used directly in a require/include statement...

4.3CVSS0.00266EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/07/03 12:0 a.m.13 views

PT-2026-55522

Name of the Vulnerable Software and Affected Versions RTMKit versions prior to 2.0.8 Description The RTMKit rometheme-for-elementor plugin for WordPress contains a Local File Inclusion flaw. This occurs because the render templates AJAX endpoint does not properly validate the template parameter...

4.3CVSS6.2AI score0.00266EPSS
Exploits0References10
attackerkb
attackerkb
added 2026/07/02 8:4 p.m.6 views

CVE-2026-58467

Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATHINFO derived from REQUESTURI in filesystem path construction without containment checks...

8.2CVSS6.1AI score0.00406EPSS
Exploits0References5
Rows per page
Query Builder