Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-98

CWE-98

High likelihood

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

Parent: CWE-706 - Use of Incorrectly-Resolved Name or Reference

The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.

1,114 vulnerabilities with CWE-98

CVE-2026-22435 HIGH

AncoraThemes ElectroServ <=1.3.2 - PHP RFI

CVE-2026-22434 HIGH

AncoraThemes Crown Art <=1.2.11 - PHP Local File Inclusion

CVE-2026-22433 HIGH

AncoraThemes CloudMe <=1.2.2 - PHP RFI

CVE-2026-22432 HIGH

AncoraThemes Woopy <=1.2 - PHP Local File Inclusion

CVE-2026-22431 HIGH

AncoraThemes Wabi-Sabi <=1.2 - PHP Local File Inclusion

CVE-2026-22429 HIGH

Mikado-Themes Verdure <=1.6 - PHP RFI

CVE-2026-22428 HIGH

AncoraThemes Tooth Fairy <=1.16 - PHP Local File Inclusion

CVE-2026-22427 HIGH

Mikado-Themes GoTravel <=2.1 - PHP RFI

CVE-2026-22425 HIGH

Sweet Jane <=1.2 - PHP Local File Inclusion

CVE-2026-22424 HIGH

AncoraThemes Shaha <=1.1.2 - PHP Local File Inclusion

CVE-2026-22423 HIGH

Select-Themes SetSail <=1.8 - PHP Local File Inclusion

CVE-2026-22421 HIGH

AncoraThemes Quantum <=1.0 - PHP Local File Inclusion

CVE-2026-22420 HIGH

AncoraThemes Horizon <=1.1 - PHP RFI

CVE-2026-22419 HIGH

AncoraThemes Honor <=2.3 - PHP Local File Inclusion

CVE-2026-22418 HIGH

AncoraThemes Great Lotus <=1.3.1 - PHP RFI

CVE-2026-22416 HIGH

FixTeam <=1.4 - PHP Local File Inclusion

CVE-2026-22415 HIGH

The Mounty <=1.1 - PHP Local File Inclusion

CVE-2026-22414 HIGH

Mikado-Themes Marra <=1.2 - PHP Local File Inclusion

CVE-2026-22413 HIGH

Malgré <=1.0.3 - PHP Local File Inclusion

CVE-2026-22412 HIGH

Mikado-Themes Eona <=1.3 - PHP RFI

CVE-2026-22410 HIGH

Mikado-Themes Dolcino <=1.6 - PHP RFI

CVE-2026-22408 HIGH

Justicia <=1.2 - PHP Local File Inclusion

CVE-2026-22405 HIGH

Mikado-Themes Overton <=1.3 - PHP Local File Inclusion

CVE-2026-22403 HIGH

Mikado-Themes Innovio <=1.7 - PHP RFI

CVE-2026-22399 HIGH

Mikado-Themes Holmes <=1.7 - PHP RFI

Previous Page 9 of 45 Next

Details

Vulnerabilities 1,114

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy