CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
There is an unauthenticated local file inclusion vulnerability in Orpheus versions <= 1.3.
There is an unauthenticated local file inclusion vulnerability in Spike versions <= 1.2.
Versions of Eros up to 1.3 are vulnerable to unauthenticated local file inclusion. An attacker can exploit this vulnerability to gain access to system files.
There is an unauthenticated local file inclusion vulnerability in Choreo versions <= 1.6.
WineShop versions up to 3.17 are vulnerable to unauthenticated local file inclusion. An attacker can exploit this vulnerability to gain access to system files.
There is a vulnerability in Grecko versions up to 5.17 that allows unauthenticated local file inclusion.
There is a vulnerability in Snowy versions up to 1.13 that allows unauthenticated local file inclusion.
Gita versions up to 1.11 are vulnerable to unauthenticated local file inclusion.
Versions of Printo up to 1.11 are vulnerable to unauthenticated local file inclusion. An attacker can exploit this vulnerability to gain access to system files.
Versions of Grand Car Rental up to 3.7 are vulnerable to unauthenticated Cross Site Scripting (XSS). An attacker can exploit this vulnerability to inject malicious scripts.
There is an unauthenticated local file inclusion vulnerability in Medeus versions <= 1.14.
There is an unauthenticated local file inclusion vulnerability in Top Dog versions <= 1.0.5.
There is an unauthenticated local file inclusion vulnerability in Quirky versions <= 1.23.
There is an unauthenticated local file inclusion vulnerability in Putter <= 1.17 versions.
Versions of Dom <= 1.24 have an unauthenticated local file inclusion vulnerability, which may lead to the exposure of sensitive data.
Gat versions up to 1.16 contain a vulnerability for unauthenticated local file inclusion, which may lead to the exposure of sensitive data.
Versions of Mission up to 1.22 are vulnerable to unauthenticated local file inclusion.
There is an unauthenticated local file inclusion vulnerability in Abelle versions <= 1.22.
Versions of Kelly Young up to 1.1.0 are vulnerable to unauthenticated local file inclusion.
Car Zone versions up to 3.7 have a vulnerability that allows unauthenticated arbitrary file deletion.

