Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-98

CWE-98

High likelihood

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

1,149 vulnerabilities with CWE-98

CVE-2026-22379 HIGH

AncoraThemes Netmix <=1.0.10 - PHP RFI

CVE-2026-22378 HIGH

AncoraThemes Blabber <=1.7.0 - PHP RFI

CVE-2026-22377 HIGH

AncoraThemes Saveo <=1.1.2 - PHP Local File Inclusion

CVE-2026-22376 HIGH

AncoraThemes Parkivia <=1.1.9 - PHP RFI

CVE-2026-22375 HIGH

Impacto Patronus <=1.2.3 - PHP Local File Inclusion

CVE-2026-22374 HIGH

AncoraThemes Zio Alberto <=1.2.2 - PHP RFI

CVE-2026-22373 HIGH

Fooddy <=1.3.10 - PHP Local File Inclusion

CVE-2026-22372 HIGH

AncoraThemes Isida <=1.4.2 - PHP Local File Inclusion

CVE-2026-22371 HIGH

AncoraThemes Gustavo <=1.2.2 - PHP RFI

CVE-2026-22370 HIGH

axiomthemes Marveland <=1.3.0 - PHP RFI

CVE-2026-22369 HIGH

AncoraThemes Ironfit <=1.5 - PHP Local File Inclusion

CVE-2026-22368 HIGH

axiomthemes Redy <=1.0.2 - PHP Local File Inclusion

CVE-2026-22367 HIGH

AncoraThemes Coworking <=1.6.1 - PHP RFI

CVE-2026-22366 HIGH

Jude <=1.3.0 - PHP Local File Inclusion

CVE-2026-22365 HIGH

Soleng <=1.0.5 - PHP Local File Inclusion

CVE-2026-22364 HIGH

SevenTrees <=1.0.2 - PHP Local File Inclusion

CVE-2026-22363 HIGH

Rhodos <=1.3.3 - PHP Local File Inclusion

CVE-2026-22362 HIGH

Photolia <=1.0.3 - PHP Local File Inclusion

CVE-2026-22361 HIGH

A-Mart <=1.0.2 - PHP Local File Inclusion

CVE-2026-22356 HIGH

Jetpack CRM <=6.7.0 - PHP Local File Inclusion

CVE-2026-22344 HIGH

Mikado-Themes FiveStar <=1.7 - PHP RFI

CVE-2026-27343 HIGH

Airtifact <=1.2.91 - PHP Local File Inclusion

CVE-2026-27052 HIGH

Sales Countdown Timer <=1.1.8.1 - PHP RFI

CVE-2026-25326 HIGH

CMSMasters Content Composer <=1.4.5 - PHP LFI

CVE-2026-0926 CRITICAL

Prodigy Commerce WordPress Plugin <3.2.9 - LFI

Previous Page 11 of 46 Next

Details

Vulnerabilities 1,149

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy