CVE-2023-53971 WebTareas 2.4 Authenticated Remote Code Execution via File Upload

WebTareas 2.4 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the chat photo upload functionality. Attackers can upload a PHP file with arbitrary code to the /files/Messages/ directory and execute it directly through the generated file pa...

CVE-2025-58925

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Neptunus neptunus allows PHP Local File Inclusion.This issue affects Neptunus: from n/a through = 1.0.11...

CVE-2025-49362

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Gracioza gracioza allows PHP Local File Inclusion.This issue affects Gracioza: from n/a through = 1.0.15...

CVE-2025-64193

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.6.1...

CVE-2025-53447

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Assembly assembly allows PHP Local File Inclusion.This issue affects Assembly: from n/a through = 1.1...

CVE-2025-53439

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Harper harper allows PHP Local File Inclusion.This issue affects Harper: from n/a through = 1.13...

EUVD-2025-204075

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

EUVD-2025-204119

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Katelyn katelyn allows PHP Local File Inclusion.This issue affects Katelyn: from n/a through = 1.0.10...

CVE-2025-64193

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.6.1...

CVE-2025-58932

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Prisma prisma allows PHP Local File Inclusion.This issue affects Prisma: from n/a through = 1.10...

CVE-2025-58894

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Good Mood good-mood allows PHP Local File Inclusion.This issue affects Good Mood: from n/a through = 1.16...

CVE-2025-53439

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Harper harper allows PHP Local File Inclusion.This issue affects Harper: from n/a through = 1.13...

CVE-2025-53445

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through = 1.4...

EUVD-2025-204133

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes W&D wd allows PHP Local File Inclusion.This issue affects W&D: from n/a through = 1.0...

EUVD-2025-204149

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Athos athos allows PHP Local File Inclusion.This issue affects Athos: from n/a through = 1.9...

CVE-2025-58945 WordPress EcoGrow theme <= 1.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes EcoGrow ecogrow allows PHP Local File Inclusion.This issue affects EcoGrow: from n/a through = 1.7...

PT-2025-52026

Name of the Vulnerable Software and Affected Versions AncoraThemes Etta versions through 1.14.0 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

PT-2025-52098

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Aromatica aromatica allows PHP Local File Inclusion.This issue affects Aromatica: from n/a through = 1.8...

PT-2025-52170

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign PenNews pennews allows PHP Local File Inclusion.This issue affects PenNews: from n/a through 6.7.3...

PT-2025-52079

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Heart heart allows PHP Local File Inclusion.This issue affects Heart: from n/a through = 1.8...