CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2120 matches found

RedhatCVE•added 2026/01/23 9:17 p.m.•4 views

CVE-2025-47474

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ninetheme Anarkali anarkali allows PHP Local File Inclusion.This issue affects Anarkali: from n/a through = 1.0.9...

8.1CVSS5.5AI score0.00066EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:17 p.m.•2 views

CVE-2025-67957

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TangibleWP Listivo Core listivo-core allows PHP Local File Inclusion.This issue affects Listivo Core: from n/a through = 2.3.77...

8.1CVSS5.5AI score0.00222EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:16 p.m.•3 views

CVE-2025-67946

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in scriptsbundle AdForest adforest allows PHP Local File Inclusion.This issue affects AdForest: from n/a through = 6.0.11...

8.1CVSS5.5AI score0.00222EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:16 p.m.•3 views

CVE-2025-68510

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeGoods Photography photography allows PHP Local File Inclusion.This issue affects Photography: from n/a through 7.7.5...

8.1CVSS5.5AI score0.00222EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:15 p.m.•4 views

CVE-2025-68908

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in temash Barberry barberry allows PHP Local File Inclusion.This issue affects Barberry: from n/a through = 2.9.9.87...

8.1CVSS5.5AI score0.00222EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:15 p.m.•2 views

CVE-2025-68913

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in zozothemes Miion miion allows PHP Local File Inclusion.This issue affects Miion: from n/a through = 1.2.7...

7.5CVSS5.5AI score0.0022EPSS

Exploits0References1

RedhatCVE•added 2026/01/23 9:15 p.m.•3 views

CVE-2026-23978

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...

7.5CVSS5.5AI score0.00203EPSS

Exploits0References1

NVD•added 2026/01/23 3:16 p.m.•1 views

CVE-2026-24608

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Laurent Core laurent-core allows PHP Local File Inclusion.This issue affects Laurent Core: from n/a through = 2.4.1...

7.5CVSS0.00067EPSS

Exploits0References1

CVE•added 2026/01/23 2:28 p.m.•10 views

CVE-2026-24531

CVE-2026-24531 affects the WordPress theme Select-Themes Prowess (versions <= 2.3). The vulnerability is an Improper Control of Filename for Include/Require Statement (PHP Remote File Inclusion leading to Local File Inclusion, LFI). Public sources in the connected docs describe an LFI conditio...

7.5CVSS5.5AI score0.00067EPSS

Exploits0References1

Positive Technologies•added 2026/01/23 12:0 a.m.•6 views

PT-2026-4530

Name of the Vulnerable Software and Affected Versions Aptsys gemscms POS Platform versions prior to 2025-05-29 Description An SQL Injection issue exists in the backend of the Aptsys gemscms POS Platform. The issue is due to the direct insertion of user-supplied input into a dynamic SQL query...

9.4CVSS6.2AI score0.0002EPSS

Exploits0References8

NVD•added 2026/01/22 5:16 p.m.•6 views

CVE-2025-69044

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Vango vango allows PHP Local File Inclusion.This issue affects Vango: from n/a through = 1.3.3...

8.1CVSS0.00222EPSS

Exploits0References1

NVD•added 2026/01/22 5:16 p.m.•2 views

CVE-2025-67946

8.1CVSS0.00222EPSS

Exploits0References1

NVD•added 2026/01/22 5:15 p.m.•1 views

CVE-2025-54003

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Depot depot allows PHP Local File Inclusion.This issue affects Depot: from n/a through = 1.16...

8.1CVSS0.00222EPSS

Exploits0References1

CVE•added 2026/01/22 4:52 p.m.•10 views

CVE-2026-23975

CVE-2026-23975 is a WordPress Golo theme vulnerability (Golo

7.5CVSS5.5AI score0.0022EPSS

Exploits0References1

CVE•added 2026/01/22 4:52 p.m.•9 views

CVE-2026-22402

CVE-2026-22402 describes an improper filename control in the WordPress theme Triply (Triply Tour Booking) that enables PHP Local File Inclusion (LFI) via include/require. Affected: Triply versions from n/a through 2.4.7. Root cause: improper validation of included file paths, allowing an attacker...

7.5CVSS5.5AI score0.0022EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•3 views

CVE-2025-69077

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Hobo hobo allows PHP Local File Inclusion.This issue affects Hobo: from n/a through = 1.0.10...

8.1CVSS5.3AI score0.00124EPSS

Exploits0References2

ATTACKERKB•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-69071

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes TanTum tantum allows PHP Local File Inclusion.This issue affects TanTum: from n/a through = 1.1.13...

8.1CVSS5.3AI score0.00037EPSS

Exploits0References2

Vulnrichment•added 2026/01/22 4:52 p.m.•1 views

CVE-2025-69073 WordPress Piqes theme <= 1.0.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion.This issue affects Piqes: from n/a through = 1.0.11...

8.1CVSS5.9AI score0.00037EPSS

Exploits0References1

CVE•added 2026/01/22 4:52 p.m.•16 views

CVE-2025-69065

CVE-2025-69065 — In the WordPress theme WordPress Snow Mountain (AncoraThemes) there is an issue described as an improper control of filenames for PHP Include/Require, resulting in a Local File Inclusion (LFI) vulnerability. Affected: Snow Mountain versions

8.1CVSS5.5AI score0.00124EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•1 views

CVE-2025-69065

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Snow Mountain snowmountain allows PHP Local File Inclusion.This issue affects Snow Mountain: from n/a through = 1.4.3...

8.1CVSS5.3AI score0.00124EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by