11 matches found
CVE-2025-39458
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton foton allows PHP Local File Inclusion. This issue affects Foton: from n/a through <= 2.5.2...
CVE-2025-39458
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton allows PHP Local File Inclusion. This issue affects Foton: from n/a through 2.5.2...
CVE-2025-39458
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton foton allows PHP Local File Inclusion. This issue affects Foton: from n/a through <= 2.5.2...
CVE-2025-39458
CVE-2025-39458 is a Local File Inclusion (LFI) vulnerability in the WordPress Foton theme (Mikado-Themes Foton). Affected versions are Foton up to 2.5.2; patch exists in 2.6.1. Root cause: improper filename handling for include/require in PHP, enabling PHP Local File Inclusion. External details f...
CVE-2025-39458 WordPress Foton theme <= 2.5.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Foton foton allows PHP Local File Inclusion. This issue affects Foton: from n/a through <= 2.5.2...
WordPress plugin Foton security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
PT-2025-22071
Name of the Vulnerable Software and Affected Versions: Mikado-Themes Foton versions n/a through 2.5.2. Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File...
WordPress Foton theme <= 2.5.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme Foton versions <= 2.5.2...
WordPress Foton Theme <= 2.5.2 is vulnerable to Local File Inclusion
Software: Foton; Type: Theme; Vulnerable versions: <= 2.5.2; Fixed in: 2.6.1; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-39458; Patch priority: High; CVSS severity: High 8.1; PSID: e548d81179ab; Credits: Bonds; Required privilege: Unauthenticated; Published ...
auv.foton.com.cn XSS vulnerability
Open Bug Bounty ID: OBB-603278; Affected Website: auv.foton.com.cn; Vulnerable Application: Custom Code; Vulnerability Type: XSS Cross Site Scripting / CWE-79; CVSSv3 Score: 6.1...
Generic vulnerability in multiple Yonyou systems causes interface information disclosure, leading to information disclosure from multiple databases (multiple large vendors involved)
Brief description: Detailed description: Disclosure through the webservice interface, involving multiple systems. 1. NC system: http://123.232.105.202/ http://erp.suning.com.cn/ http://115.238.57.245/ Taking Suning as an example. Interface address: http://erp.suning.com.cn/uapws/service Many interfaces are listed there; taking the disclosure of the internal database link as an example, there are too many interfaces to test one by one. The internal database link obtained is: http://erp.suning.com.cn/uapws/service/nc.itf.ses.inittool.PortalSESInitToolService?ws...