Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-98
Total 990 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-27995 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Justitia justitia allows PHP Local File Inclusion.This issue affects Justitia: from n/a through <= 1.1.0.
CVE-2026-27993 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Aldo aldo allows PHP Local File Inclusion.This issue affects Aldo: from n/a through <= 1.0.10.
CVE-2026-27991 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Avventure avventure allows PHP Local File Inclusion.This issue affects Avventure: from n/a through <= 1.1.12.
CVE-2026-27989 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Quanzo quanzo allows PHP Local File Inclusion.This issue affects Quanzo: from n/a through <= 1.0.10.
CVE-2026-27987 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX The Qlean the-qlean allows PHP Local File Inclusion.This issue affects The Qlean: from n/a through <= 2.12.
CVE-2026-27985 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Humanum humanum allows PHP Local File Inclusion.This issue affects Humanum: from n/a through <= 1.1.4.
CVE-2026-27381 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Aora aora allows PHP Local File Inclusion.This issue affects Aora: from n/a through <= 1.3.15.
CVE-2026-28041 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Grit grit allows PHP Local File Inclusion.This issue affects Grit: from n/a through <= 1.0.1.
CVE-2026-28034 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Progress progress allows PHP Local File Inclusion.This issue affects Progress: from n/a through <= 1.2.
CVE-2026-28020 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Chroma chroma allows PHP Local File Inclusion.This issue affects Chroma: from n/a through <= 1.11.
CVE-2026-28018 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through <= 3.20.
CVE-2026-28013 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Kratz kratz allows PHP Local File Inclusion.This issue affects Kratz: from n/a through <= 1.0.12.
CVE-2026-28043 2026-03-06 N/A 9.8 CRITICAL
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Healer - Doctor, Clinic & Medical WordPress Theme healer allows PHP Local File Inclusion.This issue affects Healer - Doctor, Clinic & Medical WordPress Theme: from n/a through <= 1.0.0.
CVE-2026-28017 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Green Thumb greenthumb allows PHP Local File Inclusion.This issue affects Green Thumb: from n/a through <= 1.1.12.
CVE-2026-28016 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Luxury Wine luxury-wine allows PHP Local File Inclusion.This issue affects Luxury Wine: from n/a through <= 1.1.14.
CVE-2026-28015 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX ShiftCV shift-cv allows PHP Local File Inclusion.This issue affects ShiftCV: from n/a through <= 3.0.14.
CVE-2026-28014 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Translogic translogic allows PHP Local File Inclusion.This issue affects Translogic: from n/a through <= 1.2.11.
CVE-2026-28050 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Beacon beacon allows PHP Local File Inclusion.This issue affects Beacon: from n/a through <= 2.24.
CVE-2026-28048 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech FlashMart flashmart allows PHP Local File Inclusion.This issue affects FlashMart: from n/a through <= 2.0.15.
CVE-2026-28046 2026-03-06 N/A 8.1 HIGH
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Law Office law-office allows PHP Local File Inclusion.This issue affects Law Office: from n/a through <= 3.3.0.