CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

336 matches found

NVD•added 2026/02/20 4:22 p.m.•2 views

CVE-2025-67980

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Hara hara allows PHP Local File Inclusion.This issue affects Hara: from n/a through = 1.2.17...

8.1CVSS0.00056EPSS

Exploits0References1

Cvelist•added 2026/02/20 3:47 p.m.•20 views

CVE-2026-22371 WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Gustavo gustavo allows PHP Local File Inclusion.This issue affects Gustavo: from n/a through = 1.2.2...

8.1CVSS0.00056EPSS

Exploits0References1

CVE•added 2026/02/20 3:46 p.m.•6 views

CVE-2025-69407

CVE-2025-69407 affects WordPress Struktur theme <= 2.5.1. The issue is Local File Inclusion due to Improper Control of Filename for Include/Require in PHP, enabling potential PHP Local File Inclusion. Affected product/feature: Struktur theme (WordPress). Root cause: improper filename handling ...

8.1CVSS5.6AI score0.00056EPSS

Exploits0References1

Vulnrichment•added 2026/02/20 3:46 p.m.•3 views

CVE-2025-69400 WordPress Yokoo theme <= 1.1.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Yokoo yokoo allows PHP Local File Inclusion.This issue affects Yokoo: from n/a through = 1.1.11...

8.1CVSS5.5AI score0.00056EPSS

Exploits0References1

CVE•added 2026/02/20 3:46 p.m.•3 views

CVE-2025-69399

CVE-2025-69399 describes an Unauthenticated Local File Inclusion in the WordPress Cobble theme (ThemeREX Cobble) up to version 1.7. The issue arises from an improper control of the filename in include/require statements, enabling local file inclusion. Documented impact per sources indicates poten...

8.1CVSS5.6AI score0.00056EPSS

Exploits0References1

CVE•added 2026/02/20 3:46 p.m.•5 views

CVE-2025-68543

CVE-2025-68543: Local File Inclusion in WordPress theme Diza (thembay) up to version 1.3.15 due to improper control of include/require filenames. Affected: Diza

8.1CVSS5.6AI score0.00056EPSS

Exploits0References1

GithubExploit•added 2026/02/08 12:28 p.m.•556 views

Exploit for CVE-2025-49132

CVE-2025-49132 - Pterodactyl Panel Unauthenticated RCE...

10CVSS5.7AI score0.12525EPSS

Exploits25

CVE•added 2026/02/03 2:8 p.m.•9 views

CVE-2026-25027

The CVE-2026-25027 entry concerns WordPress Theme Unicamp/U NICAMP (Unicamp) with a Local File Inclusion (LFI) vulnerability caused by improper control of filenames in include/require statements. Affected: Unicamp up to version 2.7.1. Root cause: PHP Local File Inclusion enabled by flawed filenam...

7.5CVSS5.4AI score0.0017EPSS

Exploits0References1

NVD•added 2026/02/03 2:16 a.m.•3 views

CVE-2025-67484

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

9.8CVSS0.00034EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:17 p.m.•4 views

CVE-2025-69047

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech MaxShop swmaxshop allows PHP Local File Inclusion.This issue affects MaxShop: from n/a through = 3.6.20...

8.1CVSS5.5AI score0.00222EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:17 p.m.•5 views

CVE-2025-69041

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Dekoro dekoro allows PHP Local File Inclusion.This issue affects Dekoro: from n/a through = 1.0.7...

8.1CVSS5.5AI score0.00066EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:17 p.m.•2 views

CVE-2025-69037

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Pippo pippo allows PHP Local File Inclusion.This issue affects Pippo: from n/a through = 1.2.3...

8.1CVSS5.5AI score0.00222EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:17 p.m.•2 views

CVE-2025-69057

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Eldon eldon allows PHP Local File Inclusion.This issue affects Eldon: from n/a through = 1.0...

8.1CVSS5.5AI score0.00066EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:16 p.m.•2 views

CVE-2025-49994

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Athens athens allows PHP Local File Inclusion.This issue affects Athens: from n/a through = 1.1.6...

8.1CVSS5.5AI score0.00222EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:15 p.m.•3 views

CVE-2026-23975

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Golo golo allows PHP Local File Inclusion.This issue affects Golo: from n/a through 1.7.5...

7.5CVSS5.5AI score0.0022EPSS

Exploits0References1

CVE•added 2026/01/23 2:29 p.m.•7 views

CVE-2026-24609

CVE-2026-24609 : WordPress theme Laurent (3.1) or apply vendor patch; multiple sources (Red Hat, PATCHSTACK, etc.) indicate the need to upgrade to mitigate the flaw.

7.5CVSS5.5AI score0.0022EPSS

Exploits0References1

Vulnrichment•added 2026/01/23 2:29 p.m.•3 views

CVE-2026-24608 WordPress Laurent Core plugin <= 2.4.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Laurent Core laurent-core allows PHP Local File Inclusion.This issue affects Laurent Core: from n/a through = 2.4.1...

7.5CVSS5.5AI score0.00067EPSS

Exploits0References1

ATTACKERKB•added 2026/01/23 2:29 p.m.•1 views

CVE-2026-24609

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through = 3.1...

7.5CVSS5.9AI score0.0022EPSS

Exploits0References2

ATTACKERKB•added 2026/01/23 2:28 p.m.•1 views

CVE-2026-24531

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through = 2.3...

9.8CVSS5.9AI score0.00067EPSS

Exploits0References2

NVD•added 2026/01/22 5:16 p.m.•3 views

CVE-2025-69078

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Malta malta allows PHP Local File Inclusion.This issue affects Malta: from n/a through = 1.3.3...

8.1CVSS0.00066EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by