|
2381
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Rosebud rosebud allows PHP Local File Inclusion.This issue affec…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-27081
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2382
|
8.1 |
HIGH
Network
|
-
|
-
|
Control inadecuado del nombre de fichero para la declaración Include/Require en el programa PHP ('PHP inclusión remota de ficheros') vulnerabilidad en Mikado-Themes Rosebud rosebud permite PHP inclus…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-27081
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2383
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in ThemeREX Love Story lovestory allows Object Injection.This issue affects Love Story: from n/a through <= 1.3.12.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-27082
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2384
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en ThemeREX Love Story lovestory permite la inyección de objetos. Este problema afecta a Love Story: desde n/a hasta <= 1.3.12.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-27082
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2385
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in ThemeREX Work & Travel Company work-travel-company allows Object Injection.This issue affects Work & Travel Company: from n/a through <= 1.2.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-27083
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2386
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en ThemeREX Work & Travel Company work-travel-company permite la inyección de objetos. Este problema afecta a Work & Travel Company: d…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-27083
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2387
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in ThemeREX Buisson buisson allows Object Injection.This issue affects Buisson: from n/a through <= 1.1.11.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-27084
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2388
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de deserialización de datos no confiables en ThemeREX Buisson buisson permite la inyección de objetos. Este problema afecta a Buisson: desde n/a hasta <= 1.1.11.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-27084
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2389
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in G5Theme Wolverine Framework wolverine-framework allows Reflected XSS.This issue affects Wolverine…
|
CWE-79
Cross-site Scripting
|
CVE-2026-27087
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2390
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en G5Theme Wolverine Framework wolverine-framework permite XSS Reflejado. Este pro…
|
CWE-79
Cross-site Scripting
|
CVE-2026-27087
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
