11 matches found
CVE-2025-39458
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton foton allows PHP Local File Inclusion.This issue affects Foton: from n/a through = 2.5.2...
CVE-2025-39458
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton foton allows PHP Local File Inclusion.This issue affects Foton: from n/a through = 2.5.2...
CVE-2025-39458
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton allows PHP Local File Inclusion.This issue affects Foton: from n/a through 2.5.2...
CVE-2025-39458 WordPress Foton theme <= 2.5.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton foton allows PHP Local File Inclusion.This issue affects Foton: from n/a through = 2.5.2...
CVE-2025-39458
CVE-2025-39458 is a Local File Inclusion (LFI) vulnerability in the WordPress Foton theme (Mikado-Themes Foton). Affected versions are Foton up to 2.5.2; patch exists in 2.6.1. Root cause: improper filename handling for include/require in PHP, enabling PHP Local File Inclusion. External details f...
PT-2025-22071
Name of the Vulnerable Software and Affected Versions: Mikado-Themes Foton versions n/a through 2.5.2 Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File...
WordPress plugin Foton 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress Foton theme <= 2.5.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme Foton versions = 2.5.2...
WordPress Foton Theme <= 2.5.2 is vulnerable to Local File Inclusion
Software Foton Type Theme Vulnerable versions = 2.5.2 Fixed in 2.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39458 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID e548d81179ab Credits Bonds Required privilege Unauthenticated Published ...
auv.foton.com.cn XSS vulnerability
Open Bug Bounty ID: OBB-603278 Description| Value ---|--- Affected Website:| auv.foton.com.cn Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
用友多个系统通用漏洞导致接口信息泄露引发多数据库信息泄露(涉及多个大型厂商)
简要描述: 详细说明: 通过webservice接口泄露,涉及多个系统 一、NC系统 http://123.232.105.202/ http://erp.suning.com.cn/ http://115.238.57.245/ 以苏宁为例。 接口地址:http://erp.suning.com.cn/uapws/service 会发现很多接口,以数据库内网链接泄露为例太多接口了,不一一测试了 得到数据库内网链接为:http://erp.suning.com.cn/uapws/service/nc.itf.ses.inittool.PortalSESInitToolService?ws...