CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/02/20 12:0 a.m.•4 views

openITCOCKPIT 代码问题漏洞

openITCOCKPIT is an open-source system monitoring software. Versions of openITCOCKPIT 5.3.1 and earlier have code vulnerabilities. These vulnerabilities stem from insecure deserialization points in the Gearman worker implementation, which may lead to PHP object injection attacks...

7.5CVSS5.9AI score0.00177EPSS

Exploits1References2

CNNVD•added 2026/02/20 12:0 a.m.•4 views

WordPress plugin TopperPack – Complete Elementor Addons, Theme & CPT Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.5CVSS5.8AI score0.00143EPSS

Positive Technologies•added 2026/02/20 12:0 a.m.•3 views

PT-2026-21168

Name of the Vulnerable Software and Affected Versions whatwouldjessedo Simple Retail Menus versions through 4.2.1 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP...

5.4AI score0.00143EPSS

CNNVD•added 2026/02/20 12:0 a.m.•5 views

WordPress plugin Hara 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CNNVD•added 2026/02/20 12:0 a.m.•5 views

WordPress plugin Netmix 安全漏洞

CNNVD•added 2026/02/20 12:0 a.m.•6 views

Smanga 安全漏洞

Smanga is a Docker-based comic streaming reading tool developed by lkw199711. Version 3.2.7 of Smanga has a security vulnerability. This vulnerability stems from improper handling of the mediaId parameter in the /php/path/rescan.php interface. It could allow unverified attackers to inject operati...

9.8CVSS6.5AI score0.00335EPSS

CNNVD•added 2026/02/20 12:0 a.m.•6 views

WordPress plugin CozyStay 安全漏洞

Positive Technologies•added 2026/02/20 12:0 a.m.•4 views

PT-2026-21221

Name of the Vulnerable Software and Affected Versions AncoraThemes Blabber versions through 1.7.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion ...

8.1CVSS5.4AI score0.00172EPSS

Exploits0References4

Positive Technologies•added 2026/02/20 12:0 a.m.•4 views

PT-2026-21155

Name of the Vulnerable Software and Affected Versions SolverWp Eleblog – Elementor Blog And Magazine Addons versions through 2.0.3 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This...

5.4AI score0.00033EPSS

ATTACKERKB•added 2026/02/20 12:0 a.m.•6 views

CVE-2025-70833

An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset the password of any user including the administrator and fully takeover the account by manipulating POST parameters. The issue stems from insecure permission validation in check-power.php...

5.6AI score0.00199EPSS

Exploits0References2

Positive Technologies•added 2026/02/20 12:0 a.m.•4 views

PT-2026-21096

Name of the Vulnerable Software and Affected Versions thembay Diza versions through 1.3.15 Description An issue exists in thembay Diza that allows for PHP Local File Inclusion due to improper control of filename for include/require statements. This is a PHP Remote File Inclusion issue...

5.5AI score0.00056EPSS

Positive Technologies•added 2026/02/20 12:0 a.m.•3 views

PT-2026-21214

Name of the Vulnerable Software and Affected Versions AncoraThemes Gustavo versions through 1.2.2 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

5.4AI score0.00056EPSS

Exploits0References4

Positive Technologies•added 2026/02/20 12:0 a.m.•4 views

PT-2026-21188

Name of the Vulnerable Software and Affected Versions Select-Themes Struktur versions through 2.5.1 Description The software contains a flaw related to improper control of filenames used in include/require statements, potentially leading to PHP Local File Inclusion. This allows an attacker to...

5.4AI score0.00056EPSS

Tenable Nessus•added 2026/02/20 12:0 a.m.•7 views

Tenable Security Center Multiple Vulnerabilities (TNS-2026-06)

According to its self-reported version, the Tenable Security Center running on the remote host prior or equal to 6.7.2 and missing relevant patches. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-06 advisory. - In PHP versions:8.1. before 8.1.34, 8.2. before...

8.8CVSS7.3AI score0.00763EPSS

Exploits7References13

Packet Storm•added 2026/02/20 12:0 a.m.•107 views

📄 Selenium Server (Grid) 4.27.0 Code Injection

Proof of concept exploit for Selenium Server Grid versions 4.27.0 and below that exploits firefoxprofile to force the browser to run bash commands. ============================================================================================================================================= | Title...

5.5AI score

Exploits0

CNNVD•added 2026/02/20 12:0 a.m.•3 views

WordPress plugin Fana 安全漏洞

CNNVD•added 2026/02/20 12:0 a.m.•4 views

WordPress plugin PJ | Life & Business Coaching 安全漏洞

CNNVD•added 2026/02/20 12:0 a.m.•3 views

WordPress plugin Blabber 安全漏洞

8.1CVSS5.8AI score0.00172EPSS