Vulnerabilities > Inclusion of Functionality from Untrusted Control Sphere
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-04-15 | CVE-2025-33026 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Peazip 9.4.0 In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. | 7.8 |
2025-04-15 | CVE-2025-33027 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Bandisoft Bandizip In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. | 7.8 |
2025-02-21 | CVE-2024-13353 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Cyberchimps Responsive Addons for Elementor The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4 via several widgets. | 8.8 |
2025-01-07 | CVE-2024-49649 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Buildapp Build APP Online Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through 1.0.23. | 9.8 |
2024-12-31 | CVE-2024-56216 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Themify Builder Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themify Themify Builder allows PHP Local File Inclusion.This issue affects Themify Builder: from n/a through 7.6.3. | 6.5 |
2024-10-28 | CVE-2024-50497 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Buynowdepot Advanced Online Ordering and Delivery Platform Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuyNowDepot Advanced Online Ordering and Delivery Platform allows PHP Local File Inclusion.This issue affects Advanced Online Ordering and Delivery Platform: from n/a through 2.0.0. | 9.8 |
2024-10-18 | CVE-2024-49243 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Jonvincentmendoza Dynamic Elementor Addons Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0. | 8.8 |
2024-09-26 | CVE-2022-49038 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Synology Drive Client Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors. | 7.8 |
2024-08-30 | CVE-2024-8252 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Codection Clean Login The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. | 8.8 |
2024-08-21 | CVE-2024-5762 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Zen-Cart ZEN Cart 1.5.8A Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. | 8.1 |