CVE-2026-6493

A flaw has been found in lukevella rallly up to 4.7.4. This affects an unknown function of the file apps/web/src/app/locale/auth/reset-password/components/reset-password-form.tsx of the component Reset Password Handler. Executing a manipulation of the argument redirectTo can lead to cross site...

EUVD-2026-23436

A flaw has been found in lukevella rallly up to 4.7.4. This affects an unknown function of the file apps/web/src/app/locale/auth/reset-password/components/reset-password-form.tsx of the component Reset Password Handler. Executing a manipulation of the argument redirectTo can lead to cross site...

PT-2026-33458

Name of the Vulnerable Software and Affected Versions lukevella rallly versions prior to 4.8.0 Description A flaw in the Reset Password Handler component within the file 'apps/web/src/app/locale/auth/reset-password/components/reset-password-form.tsx' allows for remote cross site scripting. This...

CVE-2025-53448

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through = 1.1...

EUVD-2025-204204

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through = 1.1...

CVE-2025-53448

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through = 1.1...

CVE-2025-53448

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through = 1.1...

CVE-2025-53448 WordPress Rally theme <= 1.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through = 1.1...

CVE-2025-53448 WordPress Rally theme <= 1.1 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Rally rally allows PHP Local File Inclusion.This issue affects Rally: from n/a through = 1.1...

CVE-2025-53448

CVE-2025-53448 concerns the WordPress Rally theme (axiomthemes Rally) up to version 1.1, which suffers from improper control of filenames in include/require statements, enabling PHP Local File Inclusion. Affected component: WordPress Rally theme; root cause: Local File Inclusion via unsafely cons...

WordPress plugin Rally 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-52042

Name of the Vulnerable Software and Affected Versions axiomthemes Rally versions through 1.1 Description A flaw exists in axiomthemes Rally related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

EUVD-2014-7596

Malware in sbrugna...

EUVD-2005-0730

Malware in sbrugna...

WordPress Rally theme <= 1.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Rally versions = 1.1...

Malicious code in test-mlw2-rally-ihram-paves-resin (npm)

The package test-mlw2-rally-ihram-paves-resin was found to contain malicious code...

Malicious code in @malware-test-rally-ihram-paves-resin/test-mlw3-rally-ihram-paves-resin (npm)

The package @malware-test-rally-ihram-paves-resin/test-mlw3-rally-ihram-paves-resin was found to contain malicious code...

MAL-2025-36086 Malicious code in test-mlw2-rally-ihram-paves-resin (npm)

The package test-mlw2-rally-ihram-paves-resin was found to contain malicious code...

classic-rally-timing.fr Improper Access Control vulnerability OBB-3824382

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

TikTok Paid for Influencers to Attend the Pro-TikTok Rally in DC

The embattled social media company brought out the checkbook to ensure at least 30 of its biggest assets—creators—were in DC to help fend off critics...