VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-11-21
CVE-2024-10898
The Contact Form 7 Email Add on plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9 via the cf7_email_add_on_add_admin_template() function.
network
low complexity
CWE-98
8.8
8.8
2024-10-29
CVE-2024-10436
The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.1 via the get_condition_value function.
network
low complexity
CWE-98
8.8
8.8
2024-10-26
CVE-2024-8392
The WordPress Post Grid Layouts with Pagination – Sogrid plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.5.2 via the 'tab' parameter.
network
low complexity
CWE-98
7.2
7.2
2024-01-15
CVE-2024-0315
PHP Remote File Inclusion vulnerability in Fireeye Central Management 9.1.1.956704
Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704.
local
low complexity
fireeye
CWE-98
7.8
7.8
2023-12-21
CVE-2023-49084
PHP Remote File Inclusion vulnerability in Cacti 1.2.25
Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB).
network
low complexity
cacti
CWE-98
8.8
8.8
2023-08-06
CVE-2023-4195
PHP Remote File Inclusion vulnerability in Agentejo Cockpit
PHP Remote File Inclusion in GitHub repository cockpit-hq/cockpit prior to 2.6.3.
network
low complexity
agentejo
CWE-98
8.8
8.8
2022-12-18
CVE-2022-4606
PHP Remote File Inclusion vulnerability in Flatpress
PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3.
network
low complexity
flatpress
CWE-98
critical
9.8
9.8