Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
ElectroServ allows accessing local files on the server
CVE-2026-22435
Summary
The ElectroServ software from AncoraThemes allows attackers to access and potentially view or modify system files on the server where it's installed. This could lead to sensitive data exposure or unauthorized changes to the system. To protect your server, update ElectroServ to the latest version or remove it if you don't need it.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes ElectroServ electroserv allows PHP Local File Inclusion.This is...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes ElectroServ electroserv allows PHP Local File Inclusion.This issue affects ElectroServ: from n/a through <= 1.3.2.
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026