Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

CVEs (1,143)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-60058 - - Jan 20, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DetailX detailx allows PHP Local File Inclusion.This issue affects DetailX: from n/a t...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DetailX detailx allows PHP Local File Inclusion.This issue affects DetailX: from n/a through <= 1.10.0.Show less
CVE-2025-60057 - - Jan 20, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes DJ Rainflow dj-rainflow allows PHP Local File Inclusion.This issue affects DJ Rainflow: from n/a through <= 1.3.13.Show less
CVE-2025-60056 - - Jan 20, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Winger winger allows PHP Local File Inclusion.This issue affects Winger: from n/a thro...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Winger winger allows PHP Local File Inclusion.This issue affects Winger: from n/a through <= 1.0.16.Show less
CVE-2025-60055 - - Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fabrica fabrica allows PHP Local File Inclusion.This issue affects Fabrica: from n/a t...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fabrica fabrica allows PHP Local File Inclusion.This issue affects Fabrica: from n/a through <= 1.8.1.Show less
CVE-2025-60054 - - Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes OnLeash onleash allows PHP Local File Inclusion.This issue affects OnLeash: from n/a t...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes OnLeash onleash allows PHP Local File Inclusion.This issue affects OnLeash: from n/a through <= 1.5.2.Show less
CVE-2025-60053 - - Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes MaxCube maxcube allows PHP Local File Inclusion.This issue affects MaxCube: from n/a t...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes MaxCube maxcube allows PHP Local File Inclusion.This issue affects MaxCube: from n/a through <= 1.3.1.Show less
CVE-2025-60052 - - Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes W&D wd allows PHP Local File Inclusion.This issue affects W&D: from n/a through <= 1.0...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes W&D wd allows PHP Local File Inclusion.This issue affects W&D: from n/a through <= 1.0.Show less
CVE-2025-60051 - - Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Rare Radio rareradio allows PHP Local File Inclusion.This issue affects Rare Radio: fr...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Rare Radio rareradio allows PHP Local File Inclusion.This issue affects Rare Radio: from n/a through <= 1.0.15.1.Show less
CVE-2025-60050 1Axiomthemes 1Panda Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Panda panda allows PHP Local File Inclusion.This issue affects Panda: from n/a through...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Panda panda allows PHP Local File Inclusion.This issue affects Panda: from n/a through <= 1.21.Show less
CVE-2025-60049 1Axiomthemes 1Soleil Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleil soleil allows PHP Local File Inclusion.This issue affects Soleil: from n/a throu...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleil soleil allows PHP Local File Inclusion.This issue affects Soleil: from n/a through <= 1.17.Show less
CVE-2025-60048 1Axiomthemes 1Tripster Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Tripster tripster allows PHP Local File Inclusion.This issue affects Tripster: from n/a...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Tripster tripster allows PHP Local File Inclusion.This issue affects Tripster: from n/a through <= 1.0.10.Show less
CVE-2025-60047 1Axiomthemes 1Ipharm Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes IPharm ipharm allows PHP Local File Inclusion.This issue affects IPharm: from n/a throu...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes IPharm ipharm allows PHP Local File Inclusion.This issue affects IPharm: from n/a through <= 1.2.3.Show less
CVE-2025-60046 1Axiomthemes 1Heartstar Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes HeartStar heartstar allows PHP Local File Inclusion.This issue affects HeartStar: from...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes HeartStar heartstar allows PHP Local File Inclusion.This issue affects HeartStar: from n/a through <= 1.0.14.Show less
CVE-2025-60044 - - Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fribbo fribbo allows PHP Local File Inclusion.This issue affects Fribbo: from n/a thro...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Fribbo fribbo allows PHP Local File Inclusion.This issue affects Fribbo: from n/a through <= 1.1.0.Show less
CVE-2025-60043 - - Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Wanderic wanderic allows PHP Local File Inclusion.This issue affects Wanderic: from n/...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Wanderic wanderic allows PHP Local File Inclusion.This issue affects Wanderic: from n/a through <= 1.0.10.Show less
CVE-2025-60042 - - Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chinchilla chinchilla allows PHP Local File Inclusion.This issue affects Chinchilla: f...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chinchilla chinchilla allows PHP Local File Inclusion.This issue affects Chinchilla: from n/a through <= 1.16.Show less
CVE-2025-58950 1Axiomthemes 1Lione Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Lione lione allows PHP Local File Inclusion.This issue affects Lione: from n/a through...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Lione lione allows PHP Local File Inclusion.This issue affects Lione: from n/a through <= 1.16.Show less
CVE-2025-58949 1Axiomthemes 1Spock Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion.This issue affects Spock: from n/a through...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion.This issue affects Spock: from n/a through <= 1.17.Show less
CVE-2025-58948 1Axiomthemes 1Aromatica Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Aromatica aromatica allows PHP Local File Inclusion.This issue affects Aromatica: from...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Aromatica aromatica allows PHP Local File Inclusion.This issue affects Aromatica: from n/a through <= 1.8.Show less
CVE-2025-58947 1Axiomthemes 1Athos Apr 27, 2026 Dec 18, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Athos athos allows PHP Local File Inclusion.This issue affects Athos: from n/a through...Show more Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Athos athos allows PHP Local File Inclusion.This issue affects Athos: from n/a through <= 1.9.Show less

Previous 1...232425...58 Next