Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-98

CWE-98

High likelihood

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

1,114 vulnerabilities with CWE-98

CVE-2026-27342 HIGH

TopFit Theme <=1.9 - PHP Local File Inclusion

CVE-2026-27341 HIGH

TopScorer - Sports WordPress Theme <=1.2 - PHP LFI

CVE-2026-27340 HIGH

AncoraThemes Apollo <=1.3.1 - PHP RFI

CVE-2026-27339 HIGH

Buzz Stone WordPress Theme <=1.0.2 - PHP LFI

CVE-2026-27337 HIGH

Chronicle WordPress Theme <=1.0 - PHP RFI

CVE-2026-27336 HIGH

Consultor Theme <=1.2.4 - PHP Local File Inclusion

CVE-2026-27335 HIGH

AncoraThemes Ekoterra <=1.0.0 - PHP RFI

CVE-2026-27334 HIGH

Alchemists <=4.6.0 - PHP Local File Inclusion

CVE-2026-27326 HIGH

AC Services Theme <=1.2.5 - PHP Local File Inclusion

CVE-2026-27097 HIGH

CasaMia Theme <=1.1.2 - PHP Local File Inclusion

CVE-2026-23801 HIGH

The Issue <=1.6.11 - PHP Local File Inclusion

CVE-2026-22478 HIGH

FindAll <=1.4 - PHP Local File Inclusion

CVE-2026-22477 HIGH

AncoraThemes Felizia <=1.3.4 - PHP RFI

CVE-2026-22476 HIGH

Etchy <=1.0 - PHP Local File Inclusion

CVE-2026-22457 HIGH

Wanderland <=1.5 - PHP Local File Inclusion

CVE-2026-22456 HIGH

Askka <=1.0 - PHP Local File Inclusion

CVE-2026-22452 HIGH

ThemeREX Hoverex <=1.5.10 - PHP Local File Inclusion

CVE-2026-22449 HIGH

Select-Themes Don Peppe <=1.3 - PHP RFI

CVE-2026-22446 HIGH

Prowess <=1.8.1 - PHP Local File Inclusion

CVE-2026-22443 HIGH

ThemeREX Alliance <=3.1.1 - PHP Local File Inclusion

CVE-2026-22442 HIGH

Tribe <=1.7.3 - PHP Local File Inclusion

CVE-2026-22441 HIGH

Zentrum <=1.0 - PHP Local File Inclusion

CVE-2026-22439 HIGH

AncoraThemes Green Planet <=1.1.14 - PHP RFI

CVE-2026-22437 HIGH

AncoraThemes Playa <=1.3.9 - PHP RFI

CVE-2026-22436 HIGH

Helvig <=1.0 - PHP Local File Inclusion

Previous Page 8 of 45 Next

Details

Vulnerabilities 1,114

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy