Lucene search
K

416 matches found

NVD
NVD
added 13 hours ago5 views

CVE-2026-57805

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Tonda tonda allows PHP Local File Inclusion.This issue affects Tonda: from n/a through = 2.5...

7.5CVSS
Exploits0References1
NVD
NVD
added 13 hours ago5 views

CVE-2026-57798

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SaurabhSharma NewsPlus Shortcodes newsplus-shortcodes allows PHP Local File Inclusion.This issue affects NewsPlus Shortcodes: from n/a through = 4.2.0...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago6 views

CVE-2026-57800 WordPress Overworld theme <= 1.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Overworld overworld allows PHP Local File Inclusion.This issue affects Overworld: from n/a through = 1.5...

7.5CVSS
Exploits0References1
NVD
NVD
added 21 hours ago8 views

CVE-2026-15519

A vulnerability was found in usestrix strix up to 1.0.2. This affects an unknown function of the file systemprompt.jinja of the component PyPI Handler. Performing a manipulation results in inclusion of functionality from untrusted control sphere. The attack is possible to be carried out remotely...

5.1CVSS
Exploits0References5
Cvelist
Cvelist
added 22 hours ago9 views

CVE-2026-15519 usestrix PyPI system_prompt.jinja inclusion of functionality from untrusted control sphere

A vulnerability was found in usestrix strix up to 1.0.2. This affects an unknown function of the file systemprompt.jinja of the component PyPI Handler. Performing a manipulation results in inclusion of functionality from untrusted control sphere. The attack is possible to be carried out remotely...

5.1CVSS
Exploits0References5
NVD
NVD
added 2026/06/17 2:17 p.m.11 views

CVE-2026-54816

Improper Control of Generation of Code 'Code Injection' vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21...

7.5CVSS0.00292EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-25470

Improper Control of Generation of Code 'Code Injection' vulnerability in ACPT ACPT Pro - Custom Post Types Plugin for WordPress allows Remote Code Inclusion. This issue affects ACPT Pro - Custom Post Types Plugin for WordPress: from n/a through 2.0.47...

10CVSS0.00414EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 12:49 p.m.34 views

CVE-2026-52704 WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion. This issue affects WooCommerce PDF Invoice Builder: from n/a through 2.0.8...

10CVSS0.00314EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.11 views

CVE-2025-58897

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Axiomthemes Fermentio allows PHP Local File Inclusion. This issue affects Fermentio: from n/a through 1.5.0...

8.1CVSS5.5AI score0.00337EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 12:39 p.m.8 views

CVE-2026-39552

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5...

8.1CVSS5.8AI score0.00334EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.20 views

PT-2026-45752

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Code Supply Co. Blueprint allows PHP Local File Inclusion. This issue affects Blueprint: from n/a before 1.1.5...

8.1CVSS5.8AI score0.00334EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.11 views

PT-2026-41010

Improper Control of Generation of Code 'Code Injection' vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion. This issue affects Library Automation System: from v.19.5 before v.22....

8.8CVSS5.8AI score0.00246EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.9 views

CVE-2026-39681

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Homeo homeo allows PHP Local File Inclusion.This issue affects Homeo: from n/a through = 1.2.59...

7.5CVSS0.00381EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 9:16 a.m.4 views

CVE-2026-39611

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in kutethemes KuteShop kuteshop allows PHP Local File Inclusion.This issue affects KuteShop: from n/a through = 4.2.9...

7.5CVSS0.00381EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.2 views

CVE-2026-39544 WordPress LabtechCO theme <= 8.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through = 8.3...

7.5CVSS5.8AI score0.00381EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.4 views

PT-2026-31243

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Homeo homeo allows PHP Local File Inclusion.This issue affects Homeo: from n/a through = 1.2.59...

5.9AI score0.00381EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.4 views

CVE-2026-22514

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Unica unica allows PHP Local File Inclusion.This issue affects Unica: from n/a through = 1.4.1...

8.1CVSS5.8AI score0.00519EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15911

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion.This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through =...

7.5CVSS5.8AI score0.003EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.7 views

CVE-2026-27044

Improper Control of Generation of Code 'Code Injection' vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Remote Code Inclusion.This issue affects Total Poll Lite: from n/a through = 4.12.0...

9.9CVSS0.00296EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-27834

Name of the Vulnerable Software and Affected Versions AncoraThemes Triompher versions through 1.1.0 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local...

8.1CVSS5.9AI score0.00519EPSS
Exploits0References3
Rows per page
Query Builder