CVE-2025-49359 WordPress ShieldGroup theme <= 2.13 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes ShieldGroup shieldgroup allows PHP Local File Inclusion.This issue affects ShieldGroup: from n/a through = 2.13...

CVE-2025-49363

CVE-2025-49363 concerns the WordPress Kings & Queens theme (versions up to 1.1.16). The issue is an improper control of filenames for include/require statements, enabling PHP Local File Inclusion (LFI) and related PHP Remote File Inclusion risks as described in multiple sources. The vulnerability...

CVE-2025-60190

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Hinnerk Altenburg Immocaster WordPress Plugin immocaster allows PHP Local File Inclusion.This issue affects Immocaster WordPress Plugin: from n/a through = 1.3.6...

CVE-2025-60248 WordPress WPC Product Options for WooCommerce plugin <= 3.1.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WPClever WPC Product Options for WooCommerce wpc-product-options allows PHP Local File Inclusion.This issue affects WPC Product Options for WooCommerce: from n/a through = 3.1.3...

CVE-2025-60199 WordPress InHype - Blog & Magazine WordPress Theme theme <= 1.5.2 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in dedalx InHype - Blog & Magazine WordPress Theme inhype allows PHP Local File Inclusion.This issue affects InHype - Blog & Magazine WordPress Theme: from n/a through = 1.5.2...

CVE-2025-59558

The CVE-2025-59558 entry concerns the WordPress Billey Theme (&lt; 2.1.6) with a Local File Inclusion due to improper control of the filename in include/require statements, effectively a PHP Remote File Inclusion issue that allows local inclusion. Affected software is the Billey WordPress theme, ...

EUVD-1999-0548

Malware in sbrugna...

EUVD-2003-0622

Malware in sbrugna...

EUVD-2021-16153

Malware in sbrugna...

EUVD-2024-45912

Malicious code in bioql PyPI...

EUVD-2025-27799

Malicious code in bioql PyPI...

WordPress plugin BeeTeam368 Extensions 安全漏洞

WordPress BeeTeam368 Extensions plugin is a WordPress plugin that is mainly used to extend the functionality of a website. The WordPress BeeTeam368 Extensions plugin suffers from a file inclusion vulnerability, which stems from improper control over the filename of an include or request statement...

WordPress plugin Maia 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-1999-0561

IIS has the exec function enabled for Server Side Include SSI files...

CVE-2024-52427

Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through = 2.3.11...

CVE-2024-52427

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.11...

CVE-2024-52427

Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through = 2.3.11...

CVE-2024-52427 WordPress Event Tickets with Ticket Scanner plugin <= 2.3.11 - Remote Code Execution (RCE) vulnerability

Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include SSI Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through = 2.3.11...

PT-2024-35267 · Unknown · Event Tickets With Ticket Scanner

Name of the Vulnerable Software and Affected Versions: Event Tickets with Ticket Scanner versions 2.3.11 and earlier Description: The issue affects Event Tickets with Ticket Scanner, allowing Server Side Include SSI Injection due to improper neutralization of special elements used in a template...

CVE-2024-3784

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through S3 Accounts /admin/CloudAccounts. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...