Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/01/23 3:21 p.m.3 views

CVE-2025-67684

Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating the filename extension. This allows an attacker to include and execute uploaded PHP code,...

9.4CVSS6.1AI score0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/01/22 11:57 a.m.3 views

CVE-2025-67684 Remote Code Execution via Local File Inclusion in Quick.Cart

Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating the filename extension. This allows an attacker to include and execute uploaded PHP code,...

9.4CVSS6.2AI score0.00207EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/22 11:57 a.m.20 views

CVE-2025-67684 Remote Code Execution via Local File Inclusion in Quick.Cart

Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating the filename extension. This allows an attacker to include and execute uploaded PHP code,...

9.4CVSS0.00207EPSS
Exploits0References2
CVE
CVEadded 2026/01/22 11:57 a.m.7 views

CVE-2025-67684

CVE-2025-67684 : Quick.Cart is vulnerable to Local File Inclusion and Path Traversal in the theme selection mechanism. A privileged user can upload arbitrary file contents and, since only the filename extension is validated, include and execute uploaded PHP code, causing Remote Code Execution on ...

9.4CVSS6.2AI score0.00207EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2026/01/22 12:0 a.m.2 views

OpenSolution Quick.Cart path traversal vulnerability

OpenSolution Quick.Cart is an online store system developed by the Polish company OpenSolution. OpenSolution Quick.Cart has a path traversal vulnerability, which stems from issues with the theme selection mechanism involving local file inclusion and path traversal attacks. These vulnerabilities...

9.4CVSS6.1AI score0.00207EPSS
Exploits0References2
CNVD
CNVDadded 2019/08/28 12:0 a.m.1 views

WordPress option-tree plugin injection vulnerability (CNVD-2019-30767)

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. option-tree is used in one of the theme selection building plugin. WordPress option-tree plugin has an injection vulnerability. No...

9.8CVSS7.2AI score0.01077EPSS
Exploits0References1
CNVD
CNVDadded 2019/08/28 12:0 a.m.1 views

WordPress option-tree plugin injection vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. option-tree is used in one of the theme selection building plugin. There is an injection vulnerability in the WordPress option-tre...

9.8CVSS7.2AI score0.01077EPSS
Exploits0References1
Rows per page
Query Builder