Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-98

CWE-98

High likelihood

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

1,210 vulnerabilities with CWE-98

CVE-2025-69395 HIGH

ThemeREX Gable <=1.5 - PHP Local File Inclusion

CVE-2025-69387 HIGH

Simple Retail Menus <=4.2.1 - PHP RFI

CVE-2025-69383 HIGH

WP shop <=2.6.1 - PHP Local File Inclusion

CVE-2025-69375 HIGH

SolverWp Portfolio Builder <=1.2.5 - PHP LFI

CVE-2025-69374 HIGH

Eleblog - Elementor Blog And Magazine Addons <=2.0.3 - PHP Local Fi...

CVE-2025-69373 HIGH

VidoRev <=2.9.9.9.9.9.7 - PHP Local File Inclusion

CVE-2025-69322 HIGH

PeakShops <1.5.9 - PHP Local File Inclusion

CVE-2025-68841 HIGH

TopperPack <=1.2.1 - PHP Local File Inclusion

CVE-2025-68552 HIGH

WooCommerce Coming Soon Product <=5.0 - PHP LFI

CVE-2025-68545 HIGH

thembay Nika <=1.2.14 - PHP Local File Inclusion

CVE-2025-68543 HIGH

Thembay Diza <=1.3.15 - PHP Local File Inclusion

CVE-2025-68539 HIGH

thembay Fana <=1.1.35 - PHP Local File Inclusion

CVE-2025-68536 HIGH

Thembay Zota <=1.3.14 - PHP Local File Inclusion

CVE-2025-67992 HIGH

LoftOcean PatioTime < 2.1 - PHP Local File Inclusion

CVE-2025-67988 HIGH

CozyStay <1.9.1 - PHP Local File Inclusion

CVE-2025-67982 HIGH

Urna <=2.5.12 - PHP Local File Inclusion

CVE-2025-67981 HIGH

Thembay Besa <=2.3.15 - PHP Local File Inclusion

CVE-2025-67980 HIGH

thembay Hara <=1.2.17 - PHP Local File Inclusion

CVE-2025-60087 HIGH

Extensive VC Addons for WPBakery <=1.9.1 - PHP RFI

CVE-2025-15368 HIGH

WordPress SportsPress <= 2.7.26 - Contributor Local File Inclusion Code Execution

CVE-2025-69314 HIGH

Werkstatt < 4.8.3 - PHP Local File Inclusion

CVE-2025-69100 HIGH

North <= 5.7.5 - PHP Local File Inclusion

CVE-2025-69078 HIGH

AncoraThemes Malta <1.3.3 - Code Injection

CVE-2025-69077 HIGH

AncoraThemes Hobo <=1.0.10 - Code Injection

CVE-2025-69076 HIGH

AncoraThemes Modern Housewife <= 1.0.12 - Code Injection

Previous Page 16 of 49 Next

Details

Vulnerabilities 1,210

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy