Threat Feed

Tag

Lfi

8 briefs
medium threat

FreePBX Security Advisories for Security-Reporting Module Vulnerabilities

FreePBX released security advisories addressing authenticated SQL injection and local file inclusion vulnerabilities in the Security-Reporting cdr and dashboard modules for FreePBX 16 and 17.

Security-Reporting cdr +3 freepbx sql_injection lfi vulnerability
high advisory

Advanced Database Cleaner Premium WordPress Plugin Vulnerable to Local File Inclusion (CVE-2026-7522)

The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion (LFI) in versions up to 4.1.0, allowing authenticated attackers with subscriber-level access to include and execute arbitrary PHP files on the server via the 'template' parameter, potentially leading to access control bypass, sensitive data access, or code execution.

Advanced Database Cleaner – Premium plugin <= 4.1.0 wordpress lfi cve-2026-7522 local-file-inclusion
high threat

Public Exploit Available for Oracle Reports CVE-2012-3152 and CVE-2012-3153

A public exploit, rwsploit, has been released targeting CVE-2012-3152 and CVE-2012-3153 in Oracle Reports Server versions below 11g, enabling unauthenticated file read, SSRF, and JSP shell upload.

Reports Server oracle cve-2012-3152 cve-2012-3153 lfi ssrf jsp shell rwsploit
high advisory

RTMKit Addons for Elementor WordPress Plugin LFI Vulnerability (CVE-2026-3425)

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to local file inclusion (LFI) via the 'path' parameter in the 'get_content' AJAX action, allowing authenticated attackers with Author-level access or higher to include and execute arbitrary PHP files, leading to potential code execution.

RTMKit Addons for Elementor plugin <= 2.0.2 lfi wordpress plugin cve-2026-3425
high advisory

Yii 2 Local File Inclusion via View Parameter Name Collision (CVE-2026-39850)

A local file inclusion vulnerability (CVE-2026-39850) exists in Yii 2 versions prior to 2.0.55 due to the `View::renderPhpFile()` method's handling of the `_file_` parameter, allowing attackers to read arbitrary files and potentially achieve remote code execution if they can write PHP files.

yii2 lfi file-inclusion php cloud
high advisory

Case Theme User WordPress Plugin Local File Inclusion Vulnerability (CVE-2025-5804)

CVE-2025-5804 is a PHP Local File Inclusion vulnerability in the Case Theme User WordPress plugin before version 1.0.4 due to improper filename control in include/require statements, potentially allowing attackers to execute arbitrary code by including malicious local files.

php lfi wordpress cve-2025-5804
high advisory

CactusThemes VideoPro Theme Local File Inclusion Vulnerability (CVE-2025-58913)

CVE-2025-58913 is a PHP Local File Inclusion vulnerability in the CactusThemes VideoPro WordPress theme, affecting versions through 2.3.8.1, caused by improper control of the filename in include/require statements and potentially allowing unauthorized file access.

wordpress lfi cve-2025-58913
high advisory

SmarterTools SmarterMail Local File Inclusion Vulnerability (CVE-2026-7807)

SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/{type} API endpoint (CVE-2026-7807) that allows authenticated users to read arbitrary .json files, potentially leading to credential compromise.

SmarterMail lfi file-inclusion credential-access