CVE-2025-9736 O2OA Personal Profile statement cross site scripting

A security vulnerability has been detected in O2OA up to 10.0-410. This impacts an unknown function of the file /xqueryassembledesigner/jaxrs/statement of the component Personal Profile Page. Such manipulation of the argument description/queryName leads to cross site scripting. The attack may be...

PT-2025-35388

Name of the Vulnerable Software and Affected Versions: Solwin Blog Designer PRO versions through 3.4.7 Description: The software is susceptible to a PHP Remote File Inclusion issue due to improper control of filename for include/require statements. This allows for potential code execution...

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA version 10.0-410 and earlier, which stems from a cross-site scripting attack due to incorrect manipulation of the parameter description/queryName in the file...

CVE-2025-53334

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through 7.5.1...

CVE-2025-53247

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpinterface BlogMarks blogmarks allows PHP Local File Inclusion.This issue affects BlogMarks: from n/a through = 1.0.8...

CVE-2025-54716

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Ireca ireca allows PHP Local File Inclusion.This issue affects Ireca: from n/a through = 1.8.5...

CVE-2025-53576

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Ovatheme Events ova-events allows PHP Local File Inclusion.This issue affects Ovatheme Events: from n/a through = 1.2.8...

CVE-2025-53578

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Kipso kipso allows PHP Local File Inclusion.This issue affects Kipso: from n/a through = 1.3.4...

CVE-2025-54716 WordPress Ireca Theme <= 1.8.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Ireca allows PHP Local File Inclusion. This issue affects Ireca: from n/a through 1.8.5...

CVE-2025-53578 WordPress Kipso Theme <= 1.3.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Kipso allows PHP Local File Inclusion. This issue affects Kipso: from n/a through 1.3.4...

CVE-2025-53244 WordPress Magazine Elite Theme <= 1.2.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Unfoldwp Magazine Elite allows PHP Local File Inclusion. This issue affects Magazine Elite: from n/a through 1.2.4...

CVE-2025-53216

CVE-2025-53216 affects ThemeUniver Glamer (WordPress theme)

CVE-2025-49383 WordPress Neresa Theme <= 1.3 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Neresa allows PHP Local File Inclusion. This issue affects Neresa: from n/a through 1.3...

CVE-2025-49383 WordPress Neresa Theme <= 1.3 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CocoBasic Neresa neresa-wp allows PHP Local File Inclusion.This issue affects Neresa: from n/a through = 1.3...

PT-2025-35053

Name of the Vulnerable Software and Affected Versions: Unfoldwp Magazine versions through 1.2.2 Description: The software contains an Improper Control of Filename for Include/Require Statement, leading to a PHP Local File Inclusion issue. Recommendations: Update Unfoldwp Magazine to a version lat...

PT-2025-35048

Name of the Vulnerable Software and Affected Versions: Unfoldwp Magazine Saga versions through 1.2.7 Description: The software contains an Improper Control of Filename for Include/Require Statement 'PHP Remote File Inclusion' issue, allowing PHP Local File Inclusion. Recommendations: Update...

PT-2025-35058

Name of the Vulnerable Software and Affected Versions: TieLabs Jannah versions through 7.4.1 Description: The software contains an Improper Control of Filename for Include/Require Statement, leading to a PHP Local File Inclusion issue. Recommendations: Update Jannah to a version later than 7.4.1...

Linux Distros Unpatched Vulnerability : CVE-2023-41038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET...

Linux Distros Unpatched Vulnerability : CVE-2019-20391

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolvefeaturevalue when an if-feature statement is used inside a bit...

CVE-2025-54031

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Schiocco Support Board supportboard allows PHP Local File Inclusion.This issue affects Support Board: from n/a through = 3.8.0...