Vulnerabilities > Inclusion of Functionality from Untrusted Control Sphere
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-28 | CVE-2024-50497 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Buynowdepot Advanced Online Ordering and Delivery Platform Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuyNowDepot Advanced Online Ordering and Delivery Platform allows PHP Local File Inclusion.This issue affects Advanced Online Ordering and Delivery Platform: from n/a through 2.0.0. | 9.8 |
2024-10-18 | CVE-2024-49243 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Jonvincentmendoza Dynamic Elementor Addons Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0. | 8.8 |
2024-10-08 | CVE-2024-30092 | Windows Hyper-V Remote Code Execution Vulnerability high complexity CWE-829 | 8.0 |
2024-09-26 | CVE-2022-49038 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Synology Drive Client Inclusion of functionality from untrusted control sphere vulnerability in OpenSSL DLL component in Synology Drive Client before 3.3.0-15082 allows local users to execute arbitrary code via unspecified vectors. | 7.8 |
2024-08-30 | CVE-2024-8252 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Codection Clean Login The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. | 8.8 |
2024-08-21 | CVE-2024-5762 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Zen-Cart ZEN Cart 1.5.8A Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. | 8.1 |
2024-07-22 | CVE-2024-29073 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ankiweb Anki 24.04 An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. | 6.5 |
2024-06-10 | CVE-2024-35650 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Melapress Login Security Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security allows PHP Remote File Inclusion.This issue affects MelaPress Login Security: from n/a through 1.3.0. | 7.2 |
2024-06-04 | CVE-2024-35629 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Wow-Company Easy Digital Downloads 1.0.2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company Easy Digital Downloads – Recent Purchases allows PHP Remote File Inclusion.This issue affects Easy Digital Downloads – Recent Purchases: from n/a through 1.0.2. | 9.8 |
2023-12-23 | CVE-2023-6971 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Backupbliss Backup Migration The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. | 9.8 |