CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/01/22 4:52 p.m.•10 views

CVE-2025-69046

CVE-2025-69046 affects WebGeniusLab iRecco Core (irecco-core) with a Local File Inclusion flaw caused by improper handling of PHP include/require filenames. The vulnerability is listed as affecting iRecco Core up to version 1.3.6. Public disclosures in connected documents confirm the issue type a...

8.1CVSS5.5AI score0.00403EPSS

8.1CVSS5.3AI score0.00403EPSS

CVE-2025-69046

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebGeniusLab iRecco Core irecco-core allows PHP Local File Inclusion.This issue affects iRecco Core: from n/a through = 1.3.6...

8.1CVSS5.3AI score0.00403EPSS

CVE-2025-69047

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech MaxShop swmaxshop allows PHP Local File Inclusion.This issue affects MaxShop: from n/a through = 3.6.20...

CVE•added 2026/01/22 4:52 p.m.•9 views

CVE-2025-69040

CVE-2025-69040 affects WordPress theme/product: Bfres (goalthemes) with bfres, affected versions up to and including 1.2.1. Root cause is Improper Control of Filename for Include/Require in PHP, enabling Local File Inclusion (LFI). Red Hat and CVE/NVD entries describe Unauthenticated LFI, with im...

8.1CVSS5.5AI score0.00403EPSS

ATTACKERKB•added 2026/01/22 4:52 p.m.•1 views

CVE-2025-69039

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Bailly bailly allows PHP Local File Inclusion.This issue affects Bailly: from n/a through = 1.3.4...

8.1CVSS5.3AI score0.00512EPSS

8.1CVSS5.3AI score0.00403EPSS

CVE-2025-69037

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Pippo pippo allows PHP Local File Inclusion.This issue affects Pippo: from n/a through = 1.2.3...

Vulnrichment•added 2026/01/22 4:52 p.m.•5 views

CVE-2025-69005 WordPress Search & Go theme <= 2.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Search & Go search-and-go allows PHP Local File Inclusion.This issue affects Search & Go: from n/a through = 2.8...

8.1CVSS5.9AI score0.00403EPSS

ATTACKERKB•added 2026/01/22 4:52 p.m.•3 views

CVE-2025-69005

8.1CVSS5.4AI score0.00403EPSS

7.5CVSS5.4AI score0.00463EPSS

CVE-2025-68913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Miion miion allows PHP Local File Inclusion.This issue affects Miion: from n/a through = 1.2.7...

Vulnrichment•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-68510 WordPress Photography theme < 7.7.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion.This issue affects Photography: from n/a through 7.7.5...

5.9AI score0.00403EPSS

ATTACKERKB•added 2026/01/22 4:51 p.m.•2 views

CVE-2025-63017

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes WerkStatt Plugin werkstatt-plugin allows PHP Local File Inclusion.This issue affects WerkStatt Plugin: from n/a through = 1.6.6...

7.5CVSS5.4AI score0.00515EPSS

ATTACKERKB•added 2026/01/22 4:51 p.m.•2 views

CVE-2025-54003

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Depot depot allows PHP Local File Inclusion.This issue affects Depot: from n/a through = 1.16...

9.8CVSS5.4AI score0.00504EPSS

ATTACKERKB•added 2026/01/22 4:51 p.m.•1 views

CVE-2025-50003

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Amuli amuli allows PHP Local File Inclusion.This issue affects Amuli: from n/a through = 2.3.0...

9.8CVSS5.4AI score0.00504EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•6 views

PT-2026-4149

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes MoveMe moveme allows PHP Local File Inclusion.This issue affects MoveMe: from n/a through = 1.2.15...

Positive Technologies•added 2026/01/22 12:0 a.m.•4 views

PT-2026-4163

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Hobo hobo allows PHP Local File Inclusion.This issue affects Hobo: from n/a through = 1.0.10...

Positive Technologies•added 2026/01/22 12:0 a.m.•5 views

PT-2026-4129

Name of the Vulnerable Software and Affected Versions goalthemes Dekoro versions through 1.0.7 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

5.3AI score0.00512EPSS

Exploits0References3

Positive Technologies•added 2026/01/22 12:0 a.m.•4 views

PT-2026-4162

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Modern Housewife modernhousewife allows PHP Local File Inclusion.This issue affects Modern Housewife: from n/a through = 1.0.12...

Positive Technologies•added 2026/01/22 12:0 a.m.•5 views

PT-2026-4126

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Hyori hyori allows PHP Local File Inclusion.This issue affects Hyori: from n/a through = 1.3.6...