Latest CVE Feed
-
8.2
HIGHCVE-2025-66675
Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, from 7.0.0 through 7.0.3. Users are recommended to upgrade to version 6.8.0 o... Read more
Affected Products : struts- Published: Dec. 10, 2025
- Modified: Dec. 16, 2025
- Vuln Type: Denial of Service
-
8.2
HIGHCVE-2025-58940
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Basil basil allows PHP Local File Inclusion.This issue affects Basil: from n/a through <= 1.3.12.... Read more
Affected Products : basil- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58941
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Fabric fabric allows PHP Local File Inclusion.This issue affects Fabric: from n/a through <= 1.5.0.... Read more
Affected Products : fabric- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58942
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Dwell dwell allows PHP Local File Inclusion.This issue affects Dwell: from n/a through <= 1.7.0.... Read more
Affected Products : dwell- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58930
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes FitFlex fitflex allows PHP Local File Inclusion.This issue affects FitFlex: from n/a through <= 1.6.... Read more
Affected Products : fitflex- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Injection
-
8.2
HIGHCVE-2025-58931
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Palatio palatio allows PHP Local File Inclusion.This issue affects Palatio: from n/a through <= 1.6.... Read more
Affected Products : palatio- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58932
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Prisma prisma allows PHP Local File Inclusion.This issue affects Prisma: from n/a through <= 1.10.... Read more
Affected Products : prisma- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58803
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Algenix algenix allows PHP Local File Inclusion.This issue affects Algenix: from n/a through <= 1.0.... Read more
Affected Products : algenix- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58889
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Towny towny allows PHP Local File Inclusion.This issue affects Towny: from n/a through <= 1.16.... Read more
Affected Products : towny- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-1545
An XPath Injection vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to retrieve sensitive information from the Firebox configuration through an exposed authentication or management web interface. This vulnerability only ... Read more
Affected Products : fireware firebox_m270 firebox_m290 firebox_m370 firebox_m390 firebox_m440 firebox_m470 firebox_m4800 firebox_m570 firebox_m5800 +25 more products- Published: Dec. 04, 2025
- Modified: Dec. 10, 2025
- Vuln Type: Injection
-
8.2
HIGHCVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consu... Read more
Affected Products : infinity- Published: Dec. 25, 2025
- Modified: Dec. 29, 2025
- Vuln Type: Authorization
-
8.2
HIGHCVE-2025-58885
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Pathfinder pathfinder allows PHP Local File Inclusion.This issue affects Pathfinder: from n/a through <= 1.16.... Read more
Affected Products :- Published: Dec. 18, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58929
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Pantry pantry allows PHP Local File Inclusion.This issue affects Pantry: from n/a through <= 1.4.... Read more
Affected Products :- Published: Dec. 18, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-60063
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Rosalinda rosalinda allows PHP Local File Inclusion.This issue affects Rosalinda: from n/a through <= 1.2.3.... Read more
Affected Products : rosalinda- Published: Dec. 18, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58896
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Otaku otaku allows PHP Local File Inclusion.This issue affects Otaku: from n/a through <= 1.8.0.... Read more
Affected Products :- Published: Dec. 18, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58893
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Alright alright allows PHP Local File Inclusion.This issue affects Alright: from n/a through <= 1.6.1.... Read more
Affected Products :- Published: Dec. 18, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58894
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Good Mood good-mood allows PHP Local File Inclusion.This issue affects Good Mood: from n/a through <= 1.16.... Read more
Affected Products :- Published: Dec. 18, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58895
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Integro integro allows PHP Local File Inclusion.This issue affects Integro: from n/a through <= 1.8.0.... Read more
Affected Products :- Published: Dec. 18, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-60049
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleil soleil allows PHP Local File Inclusion.This issue affects Soleil: from n/a through <= 1.17.... Read more
Affected Products :- Published: Dec. 18, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Path Traversal
-
8.2
HIGHCVE-2025-58892
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Tourimo tourimo allows PHP Local File Inclusion.This issue affects Tourimo: from n/a through <= 1.2.3.... Read more
Affected Products :- Published: Dec. 18, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Path Traversal