Lessonxko

**Name of the Vulnerable Software and Affected Versions** Creatiwity wityCMS version 0.6.2 **Description** A Local File Inclusion issue in the /system/WCore/WHelper.php file allows remote attackers to include local PHP files, which can lead to the execution of PHP code, or read non-PHP files by replacing a helper.json file. **Recommendations** For Creatiwity wityCMS version 0.6.2, consider restricting access to the /system/WCore/WHelper.php file until a patch is available. As a temporary workaround, avoid using the vulnerable helper.json file replacement mechanism to minimize the risk of exploitation.