EUVD-2007-1643

Malware in sbrugna...

EUVD-2016-9954

Malware in sbrugna...

EUVD-2007-2720

Malware in sbrugna...

EUVD-2008-5629

Malware in sbrugna...

EUVD-2009-4113

Malware in sbrugna...

EUVD-2014-4617

Malware in sbrugna...

EUVD-2016-8265

Malware in sbrugna...

EUVD-2016-7219

Malware in sbrugna...

EUVD-2025-0203

Malicious code in bioql PyPI...

EUVD-2025-10437

Malicious code in bioql PyPI...

EUVD-2022-29574

Malicious code in bioql PyPI...

EUVD-2025-8347

Malicious code in bioql PyPI...

EUVD-2022-2763

Malicious code in bioql PyPI...

CVE-2025-32298

CVE-2025-32298 concerns the WordPress CTUsers plugin (versions through 1.0.0). The vulnerability is an improper control of the filename used with include/require, i.e., a PHP Remote File Inclusion that enables PHP Local File Inclusion. The issue affects CTUsers up to 1.0.0 and is categorized with...

CVE-2025-52715

Affected software: WordPress Classified Listing plugin (WordPress Classified Listing) versions ≤ 4.2.0. Vulnerability: Local File Inclusion (PHP Remote File Inclusion) due to Improper Control of Filename for Include/Require statements in PHP. Impact: Potential exposure of local files via crafted ...

CVE-2025-49308 WordPress WP Travel Engine <= 6.5.1 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.5.1...

CVE-2025-32286 WordPress Butcher <= 2.40 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Butcher allows PHP Local File Inclusion. This issue affects Butcher: from n/a through 2.40...

CVE-2025-32309 WordPress Healsoul <= 2.0.2 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Healsoul allows PHP Local File Inclusion. This issue affects Healsoul: from n/a through 2.0.2...

CVE-2024-51754

Twig is a template language for PHP. In a sandbox, an attacker can call toString on an object even if the toString method is not allowed by the security policy when the object is part of an array or an argument list arguments to a function or a filter for instance. This issue has been patched in...

CVE-2025-32658

CVE-2025-32658 is a Deserialization of Untrusted Data vulnerability in the WordPress plugin HelpGent (wpWax HelpGent) that allows PHP Object Injection. Affected versions are n/a through 2.2.4. The CVSS 3.1 vector in the document indicates a NETWORK attack with HIGH impact: Confidentiality, Integr...