Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-98

CWE-98

High likelihood

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

1,228 vulnerabilities with CWE-98

CVE-2025-58896 HIGH

AncoraThemes Otaku <=1.8.0 - Code Injection

CVE-2025-58895 HIGH

AncoraThemes Integro <=1.8.0 - Code Injection

CVE-2025-58894 HIGH

Axiomthemes Good Mood <=1.16 - Code Injection

CVE-2025-58893 HIGH

Axiomthemes Alright <2.0 - Code Injection

CVE-2025-58892 HIGH

AncoraThemes Tourimo <1.2.4 - Code Injection

CVE-2025-58891 HIGH

AncoraThemes Sanger <=1.24.0 - Code Injection

CVE-2025-58890 HIGH

AncoraThemes Playful <1.19.0 - Code Injection

CVE-2025-58889 HIGH

Axiomthemes Towny <1.17 - Code Injection

CVE-2025-58888 HIGH

AncoraThemes The Flash <1.16 - Code Injection

CVE-2025-58885 HIGH

AncoraThemes Pathfinder <1.17 - Code Injection

CVE-2025-58879 HIGH

AncoraThemes Festy <=1.13.0 - Code Injection

CVE-2025-58803 HIGH

Axiomthemes Algenix <=1.0 - Code Injection

CVE-2025-58709 HIGH

AxiomThemes Legacy <2 - Code Injection

CVE-2025-58708 HIGH

777 <= 1.3 - PHP Local File Inclusion

CVE-2025-58706 HIGH

Woo Hoo <= 1.25 - PHP Local File Inclusion

CVE-2025-58225 HIGH

axiomthemes Paragon <= 1.1 - PHP Local File Inclusion

CVE-2025-53453 HIGH

Axiomthemes Hygia <1.17 - Code Injection

CVE-2025-53449 HIGH

Axiomthemes Convex <1.12 - Code Injection

CVE-2025-53448 HIGH

Axiomthemes Rally <1.1 - Code Injection

CVE-2025-53447 HIGH

Axiomthemes Assembly <1.2 - Code Injection

CVE-2025-53446 HIGH

Axiomthemes Beautique <1.5 - Code Injection

CVE-2025-53445 HIGH

Axiomthemes Catwalk <=1.4 - Code Injection

CVE-2025-53443 HIGH

AxiomThemes Smash <1.8 - Code Injection

CVE-2025-53442 HIGH

Axiomthemes Rentic <1.2 - Code Injection

CVE-2025-53441 HIGH

Axiomthemes Greeny <2.6 - Code Injection

Previous Page 24 of 50 Next

Details

Vulnerabilities 1,228

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy