Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)) — Vulnerability Class 1082

1082 vulnerabilities classified as CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-41228 Froxlor has Local File Inclusion via path traversal in API `def_language` parameter that leads to Remote Code Execution — froxlor 10.0 Critical2026-04-23
CVE-2026-1620 Livemesh Addons by Elementor <= 9.0 - Authenticated (Contributor+) Local File Inclusion via Widget Template Parameter — Livemesh Addons by Elementor 8.8 High2026-04-16
CVE-2026-39387 BoidCMS: Local File Inclusion (LFI) leads to Remote Code Execution (RCE) via tpl parameter — BoidCMS 7.2 High2026-04-14
CVE-2025-58913 WordPress VideoPro theme <= 2.3.8.1 - Local File Inclusion vulnerability — VideoPro 8.1 High2026-04-10
CVE-2025-5804 WordPress Case Theme User < 1.0.4 - Local File Inclusion Vulnerability — Case Theme User 7.5 High2026-04-10
CVE-2026-39684 WordPress OrganicFood theme <= 3.6.4 - Local File Inclusion vulnerability — OrganicFood 9.8AICriticalAI2026-04-08
CVE-2026-39679 WordPress Freeio theme <= 1.3.21 - Local File Inclusion vulnerability — Freeio 9.1AICriticalAI2026-04-08
CVE-2026-39681 WordPress Homeo theme <= 1.2.59 - Local File Inclusion vulnerability — Homeo 9.1AICriticalAI2026-04-08
CVE-2026-39677 WordPress Emphires theme <= 3.9 - Local File Inclusion vulnerability — Emphires 9.1AICriticalAI2026-04-08
CVE-2026-39623 WordPress Biolife theme <= 3.2.3 - Local File Inclusion vulnerability — Biolife 9.8AICriticalAI2026-04-08
CVE-2026-39613 WordPress Boutique theme <= 2.3.3 - Local File Inclusion vulnerability — Boutique 9.1AICriticalAI2026-04-08
CVE-2026-39611 WordPress KuteShop theme <= 4.2.9 - Local File Inclusion vulnerability — KuteShop 8.8AIHighAI2026-04-08
CVE-2026-39544 WordPress LabtechCO theme <= 8.3 - Local File Inclusion vulnerability — LabtechCO 8.8AIHighAI2026-04-08
CVE-2026-39538 WordPress Mikado Core plugin <= 1.6 - Local File Inclusion vulnerability — Mikado Core 9.8AICriticalAI2026-04-08
CVE-2026-34787 Emlog: Local File Inclusion in plugin.php via unsanitized plugin parameter — emlog 6.5 Medium2026-04-03
CVE-2026-34036 Dolibarr Core Discloses Sensitive Data via Authenticated Local File Inclusion in selectobject.php — dolibarr 6.5 Medium2026-03-31
CVE-2018-25231 HeidiSQL 9.5.0.5196 Denial of Service via Preferences — HeidiSQL 6.2 Medium2026-03-30
CVE-2026-32537 WordPress Visual Portfolio, Photo Gallery & Post Grid plugin <= 3.5.1 - Local File Inclusion vulnerability — Visual Portfolio, Photo Gallery & Post Grid 8.8 -2026-03-25
CVE-2026-32531 WordPress Kunco theme < 1.4.5 - Local File Inclusion vulnerability — Kunco 9.1 -2026-03-25
CVE-2026-32505 WordPress Kiddy theme <= 2.0.8 - Local File Inclusion vulnerability — Kiddy 9.1 -2026-03-25
CVE-2026-32503 WordPress Trendustry theme <= 1.1.4 - Local File Inclusion vulnerability — Trendustry 9.1 -2026-03-25
CVE-2026-32500 WordPress MetaMax theme <= 1.1.4 - Local File Inclusion vulnerability — MetaMax 9.1 -2026-03-25
CVE-2026-32504 WordPress VintWood theme <= 1.1.8 - Local File Inclusion vulnerability — VintWood 9.1 -2026-03-25
CVE-2026-27081 WordPress Rosebud theme <= 1.4 - Local File Inclusion vulnerability — Rosebud 8.1 High2026-03-25
CVE-2026-27079 WordPress Amfissa theme <= 1.1 - Local File Inclusion vulnerability — Amfissa 8.1 High2026-03-25
CVE-2026-27080 WordPress Deston theme <= 1.0 - Local File Inclusion vulnerability — Deston 8.1 High2026-03-25
CVE-2026-27077 WordPress MultiOffice theme <= 1.2 - Local File Inclusion vulnerability — MultiOffice 8.1 High2026-03-25
CVE-2026-27076 WordPress LuxeDrive theme <= 1.0 - Local File Inclusion vulnerability — LuxeDrive 8.1 High2026-03-25
CVE-2026-27078 WordPress Emaurri theme <= 1.0.1 - Local File Inclusion vulnerability — Emaurri 8.1 High2026-03-25
CVE-2026-27075 WordPress Belfort theme <= 1.0 - Local File Inclusion vulnerability — Belfort 8.1 High2026-03-25

Vulnerabilities classified as CWE-98 (PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)) represent 1082 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.