Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-98

CWE-98

High likelihood

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

1,228 vulnerabilities with CWE-98

CVE-2024-56230 HIGH

Dynamic Web Lab Dynamic Product Category Grid, Slider for WooCommer...

CVE-2024-56216 MEDIUM

Themify Themify Builder <7.6.3 - Code Injection

CVE-2024-12272 HIGH

WP Travel Engine - Elementor Widgets <1.3.7 - RCE

CVE-2024-12571 CRITICAL

WordPress LotsOfLocales <3.98.9 - Local File Inclusion

CVE-2024-54270 HIGH

Axeptio <= 2.5.4 - PHP Local File Inclusion

CVE-2024-54376 HIGH

Spider-themes EazyDocs <2.5.5 - Code Injection

CVE-2024-12040 HIGH

Product Carousel Slider & Grid Ultimate <1.9.10 - Code Injection

CVE-2024-52385 MEDIUM

Sk. Abul Hasan Team Member <7.3 - Code Injection

CVE-2024-54225 HIGH

CodegearThemes Designer <1.3.3 - RCE

CVE-2024-12209 CRITICAL

WP Umbrella: Update Backup Restore & Monitoring <= 2.17.0 - Local File Inclusion

CVE-2024-53824 HIGH

AREOI All Bootstrap Blocks <1.3.19 - Code Injection

CVE-2024-11289 HIGH

Soledad theme <8.5.9 - Local File Inclusion

CVE-2024-51541 HIGH

ABB ASPECT <3.08.02, NEXUS Series <3.08.02, MATRIX Series <3.08.02 ...

CVE-2024-11429 HIGH

Free Responsive Testimonials 3.3.3 - Local File Inclusion

CVE-2024-53739 HIGH

Cool Plugins Cryptocurrency Widgets For Elementor <1.6.4 - Code Inj...

CVE-2024-52501 HIGH

webbytemplate Office Locator <1.3.0 - RCE

CVE-2024-52499 HIGH

Kardi Pricing table addon for elementor <1.0.0 - Code Injection

CVE-2024-52497 HIGH

quomodosoft Shopready <3.5 - Code Injection

CVE-2024-52496 HIGH

Absolute Addons For Elementor <1.0.14 - Code Injection

CVE-2024-10873 HIGH

LA-Studio Element Kit for Elementor <= 1.4.2 - Authenticated Local File Inclusion via _load_template Function

CVE-2024-10898 HIGH

Contact Form 7 Email Add on < 1.9 - Authenticated Local File Inclusion via cf7_email_add_on_add_admin_template()

CVE-2024-52450 HIGH

nBlocks <= 1.0.2 - PHP Local File Inclusion

CVE-2024-52428 HIGH

Ads Booster by Ads Pro <= 1.12 - PHP Local File Inclusion

CVE-2024-52386 MEDIUM

Business Directory Team by RadiusTheme Classified Listing <3.1.15.1...

CVE-2024-52381 HIGH

ZIJ KART <= 1.1 - PHP Local File Inclusion

Previous Page 44 of 50 Next

Details

Vulnerabilities 1,228

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy