High
CVE-2025-47572
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla School Management allows PHP Local File Inclusion. This issue affects…
Tag: PHP
All CVEs associated with "PHP". Page 50/312 • 37334 CVEs.
Subscribe CVEs: RSS for “PHP” · RSS (High+Critical only)
About “PHP”
A curated feed of “PHP”-related CVEs appears below. We currently track 37334 CVEs for this tag (all time). In the last 365 days, 6058 were published. Average CVSS is 6.7 (all time; 6.9 over 365d), and 50% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion').
In our taxonomy this topic maps to a LOW impact class. Language runtimes and libraries cascade through dependency graphs. Upgrade runtime and toolchain, pin versions, rebuild images, and enable SAST or DAST and linters. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-06-17
High
CVE-2025-32549
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPGYM allows PHP Local File Inclusion. This issue affects WPGYM: from…
High
CVE-2025-29002
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Simen snssimen allows PHP Local File Inclusion.This issue affects Sim…
High
CVE-2025-28991
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Evon snsevon allows PHP Local File Inclusion.This issue affects Evon:…
High
CVE-2025-24761
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme DSK dsk allows PHP Local File Inclusion.This issue affects DSK: from…
High
CVE-2025-3515
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1…
Medium
CVE-2025-6173
A vulnerability classified as critical was found in Webkul QloApps 1.6.1. Affected by this vulnerability is an unknown functionality of the file /admin/ajax_products_list.php. The manipulation of the…
High
CVE-2025-6161
A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the a…
High
CVE-2025-6160
A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /user_customer_create…
High
CVE-2025-6159
A vulnerability classified as critical was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /allocate_room.php. The manipulation of the argumen…
High
CVE-2025-6157
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-tes…
Medium
CVE-2025-6156
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /bwdates-re…
High
CVE-2025-6155
A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of t…
High
CVE-2025-6154
A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of th…
High
CVE-2025-6153
A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the…
2025-06-16
Medium
CVE-2025-6136
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipula…
Medium
CVE-2025-6135
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipula…
Medium
CVE-2025-6134
A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /insertClient.php. The manipulation of th…
Medium
CVE-2025-6133
A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The mani…
High
CVE-2025-6132
A vulnerability has been found in Chanjet CRM 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sysconfig/departmentsetting.php. The manipulation…
Low
CVE-2025-6127
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search-report.ph…
Medium
CVE-2025-6126
A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The…
Low
CVE-2025-6125
A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the…
High
CVE-2025-6124
A vulnerability was found in code-projects Restaurant Order System 1.0 and classified as critical. This issue affects some unknown processing of the file /tablelow.php. The manipulation of the argume…
High
CVE-2025-6123
A vulnerability has been found in code-projects Restaurant Order System 1.0 and classified as critical. This vulnerability affects unknown code of the file /payment.php. The manipulation of the argum…
Medium
CVE-2025-6122
A vulnerability, which was classified as critical, was found in code-projects Restaurant Order System 1.0. This affects an unknown part of the file /table.php. The manipulation of the argument ID lea…
Medium
CVE-2025-40729
Reflected Cross-Site Scripting (XSS) in /customer_support/index.php in Customer Support System v1.0, which allows remote attackers to execute arbitrary code via the page parameter.
High
CVE-2025-40728
SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an authenticated attacker to retrieve, create, update and delete databases via the id parameter in the /customer…
High
CVE-2025-6104
A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to 20250506. This affects an unknown part of the file /billing/pms_check.php. The manipulation of the ar…
High
CVE-2025-6103
A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/test_accessc…
High
CVE-2025-6102
A vulnerability classified as critical was found in Wifi-soft UniBox Controller up to 20250506. Affected by this vulnerability is an unknown functionality of the file /authentication/logout.php. The…
Medium
CVE-2025-6096
A vulnerability has been found in codesiddhant Jasmin Ransomware up to 1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /dashboard.php. The man…
2025-06-15
High
CVE-2025-6095
A vulnerability, which was classified as critical, was found in codesiddhant Jasmin Ransomware 1.0.1. Affected is an unknown function of the file /checklogin.php. The manipulation of the argument use…
Medium
CVE-2025-6094
A vulnerability, which was classified as critical, has been found in qianfox FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulat…
2025-06-14
Critical
CVE-2025-6065
The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' task in all versions up to, and including, 1.1. Thi…
Medium
CVE-2025-6062
The Yougler Blogger Profile Page plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, v1.01. This is due to missing or incorrect nonce validation on…
Medium
CVE-2025-6055
The Zen Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3. This is due to missing or incorrect nonce validation on the 'zen-soci…
High
CVE-2025-4200
The Zagg - Electronics & Accessories WooCommerce WordPress Theme theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.1 via the load_view() function tha…
2025-06-12
Medium
CVE-2023-45256
Multiple SQL injection vulnerabilities in the EuroInformation MoneticoPaiement module before 1.1.1 for PrestaShop allow remote attackers to execute arbitrary SQL commands via the TPE, societe, MAC, r…
Medium
CVE-2025-6009
A vulnerability was found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ipAddPost.php. The manipulation of the argum…
Medium
CVE-2025-6008
A vulnerability has been found in kiCode111 like-girl 5.2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/ImgAddPost.php. The manipulation…
Medium
CVE-2025-6007
A vulnerability, which was classified as critical, was found in kiCode111 like-girl 5.2.0. Affected is an unknown function of the file /admin/CopyadminPost.php. The manipulation of the argument icp/C…
Medium
CVE-2025-6006
A vulnerability, which was classified as critical, has been found in kiCode111 like-girl 5.2.0. This issue affects some unknown processing of the file /admin/ImgUpdaPost.php. The manipulation of the…
Medium
CVE-2025-6005
A vulnerability classified as critical was found in kiCode111 like-girl 5.2.0. This vulnerability affects unknown code of the file /admin/aboutPost.php. The manipulation of the argument title/aboutim…
2025-06-11
High
CVE-2025-5395
The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'core.php' file in all versions up to, and including, 3.115…
High
CVE-2025-4799
The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.…
2025-06-10
Low
CVE-2025-5984
A vulnerability has been found in SourceCodester Online Student Clearance System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/add-f…
High
CVE-2025-5980
A vulnerability classified as critical was found in code-projects Restaurant Order System 1.0. This vulnerability affects unknown code of the file /order.php. The manipulation of the argument tabidNo…
High
CVE-2025-5979
A vulnerability classified as critical has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The manipulation of the argument ID leads…
High
CVE-2025-5977
A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as critical. This issue affects some unknown processing of the file /datatable.php. The manipulation of the ar…
Low
CVE-2025-5976
A vulnerability has been found in PHPGurukul Rail Pass Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/add-pass.php. The manipulation o…
Medium
CVE-2025-5975
A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /rpms/download-pass.php. The manipulation of th…
Low
CVE-2025-5974
A vulnerability, which was classified as problematic, has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this issue is some unknown functionality of the file /check-status.…
Low
CVE-2025-5973
A vulnerability classified as problematic was found in PHPGurukul Restaurant Table Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add-table.php. The…
Low
CVE-2025-5972
A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/manage-subadmins.php. The manipulation o…
Medium
CVE-2025-5971
A vulnerability was found in code-projects School Fees Payment System 1.0. It has been classified as critical. This affects an unknown part of the file /ajx.php. The manipulation of the argument name…
Low
CVE-2025-5970
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. Th…
High
CVE-2025-49454
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LoftOcean TinySalt tinysalt allows PHP Local File Inclusion.This issue affects…
High
CVE-2025-4954
The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users (author and above) to upload arbitrary files such as PHP on the ser…
High
CVE-2025-5952
A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file_…
High
CVE-2025-5913
A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The mani…
2025-06-09
High
CVE-2025-49141
HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.3, the `gitImportSite` functionality obtains a URL string from a POST request and insufficiently…
Medium
CVE-2025-49139
HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, in the HAX site editor, users can create a website block to load another site in an iframe. Th…
Medium
CVE-2025-49138
HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, an authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint a…
High
CVE-2025-49137
HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, the application does not sufficiently sanitize user input, allowing for the execution of arbit…
Low
CVE-2025-5886
A vulnerability was found in Emlog up to 2.5.7 and classified as problematic. This issue affects some unknown processing of the file /admin/article.php. The manipulation of the argument active_post l…
High
CVE-2025-49297
Path Traversal: '.../...//' vulnerability in Mikado-Themes Grill and Chow grillandchow allows PHP Local File Inclusion.This issue affects Grill and Chow: from n/a through <= 1.6.
High
CVE-2025-49296
Path Traversal: '.../...//' vulnerability in Mikado-Themes GrandPrix grandprix allows PHP Local File Inclusion.This issue affects GrandPrix: from n/a through <= 1.6.
High
CVE-2025-49295
Path Traversal: '.../...//' vulnerability in Mikado-Themes MediClinic mediclinic allows PHP Local File Inclusion.This issue affects MediClinic: from n/a through <= 2.1.
High
CVE-2025-49282
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magze magze allows PHP Local File Inclusion.This issue affects Magze:…
High
CVE-2025-49281
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magways magways allows PHP Local File Inclusion.This issue affects Ma…
High
CVE-2025-49280
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Magty magty allows PHP Local File Inclusion.This issue affects Magty:…
High
CVE-2025-49279
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogvy blogvy allows PHP Local File Inclusion.This issue affects Blog…
High
CVE-2025-49278
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogty blogty allows PHP Local File Inclusion.This issue affects Blog…
High
CVE-2025-49277
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogprise blogprise allows PHP Local File Inclusion.This issue affect…
High
CVE-2025-49276
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogmine blogmine allows PHP Local File Inclusion.This issue affects…
High
CVE-2025-49275
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in unfoldwp Blogbyte blogbyte allows PHP Local File Inclusion.This issue affects…
High
CVE-2025-48126
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate essential-real-estate allows PHP Local File Incl…
High
CVE-2025-48125
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Event Manager WP Event Manager wp-event-manager allows PHP Local File Inclu…
Medium
CVE-2025-46178
Cross-Site Scripting (XSS) vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of…
High
CVE-2025-39476
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech Revo revo allows PHP Local File Inclusion.This issue affects Revo: f…
High
CVE-2025-39475
Path Traversal: '.../...//' vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.This issue affects Arlo: from n/a through <= 6.0.3.
High
CVE-2025-39473
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WebGeniusLab Seofy Core seofy-core allows PHP Local File Inclusion.This issue affects Seofy Core: from…
High
CVE-2025-32595
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Krowd krowd allows PHP Local File Inclusion.This issue affects Krowd: f…
High
CVE-2025-28992
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme SNS Anton snsanton allows PHP Local File Inclusion.This issue affects…
High
CVE-2025-28945
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Valen - Sport, Fashion WooCommerce WordPress Theme valen allows PHP L…
High
CVE-2025-28944
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Avaz snsavaz allows PHP Local File Inclusion.This issue affects Avaz:…
High
CVE-2025-28888
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme GiftXtore bw-giftxtore allows PHP Local File Inclusion.This issue aff…
High
CVE-2025-27362
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Petito bw-petito allows PHP Local File Inclusion.This issue affects P…
High
CVE-2025-26592
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Lab lab allows PHP Local File Inclusion.This issue affects Lab: fr…
High
CVE-2025-24770
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme CraftXtore bw-craftxtore allows PHP Local File Inclusion.This issue a…
High
CVE-2025-24768
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Nitan snsnitan allows PHP Local File Inclusion.This issue affects Nit…
High
CVE-2023-26005
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme Fitrush allows PHP Local File Inclusion. This issue affects Fitrush:…
High
CVE-2023-25999
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme BodyCenter - Gym, Fitness WooCommerce WordPress Theme allows PHP Loca…
Medium
CVE-2025-5881
A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /user/confirm_password.php. The manipulation of the…
Medium
CVE-2025-5877
A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /application/models/Applicatio…
Medium
CVE-2025-5873
A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component Web UI. Performing a manip…
High
CVE-2025-5860
A vulnerability, which was classified as critical, was found in PHPGurukul Maid Hiring Management System 1.0. This affects an unknown part of the file /admin/search-booking-request.php. The manipulat…
Medium
CVE-2025-5859
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-detai…
Medium
CVE-2025-5858
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-report.php. The manipulatio…
Medium
CVE-2025-5857
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysis_record.php. The manipula…
High
CVE-2025-5856
A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of…
2025-06-07
High
CVE-2025-5840
A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The man…
Medium
CVE-2025-5838
A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an unknown functionality of the file /admin/adminprofile.php. T…
Medium
CVE-2025-5837
A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file /admin/allemployees.php. The manipulation of the…
2025-06-06
Low
CVE-2025-5797
A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic. This issue affects some unknown processing of the file /data/insert_type.php. The manipulation of the argu…
Low
CVE-2025-5796
A vulnerability has been found in code-projects Laundry System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /data/edit_type.php. The manipulation of the argu…
Medium
CVE-2025-5784
A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /myexp.php. The manipulation of the…
Medium
CVE-2025-5783
A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. This affects an unknown part of the file /editmyexp.php. The manipulation of the argu…
Medium
CVE-2025-5782
A vulnerability, which was classified as critical, has been found in PHPGurukul Employee Record Management System 1.3. Affected by this issue is some unknown functionality of the file /resetpassword.…
Medium
CVE-2025-5780
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view_dental.php. The mani…
Medium
CVE-2025-5779
A vulnerability has been found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /birthing.php.…
Low
CVE-2025-5765
A vulnerability was found in code-projects Laundry System 1.0. It has been classified as problematic. This affects an unknown part of the file /data/edit_laundry.php. The manipulation of the argument…
Low
CVE-2025-5764
A vulnerability was found in code-projects Laundry System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/insert_laundry.php. The manipulatio…
High
CVE-2025-49313
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme BRW ova-brw allows PHP Local File Inclusion.This issue affects BRW: f…
High
CVE-2025-49308
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine wp-travel-engine allows PHP Local File Inclu…
High
CVE-2025-49307
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magazine3 WP Multilang wp-multilang allows PHP Local File Inclusion.This issue…
High
CVE-2025-30999
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Fahad Mahmood External Store for Shopify wp-shopify allows PHP Local File Incl…
High
CVE-2023-25995
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator allows PHP Local File Inclusion. Thi…
Medium
CVE-2025-5762
A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. Affected is an unknown function of the file view_hematology.php. The manipulation o…