CVE-2024-43261

Name of the Vulnerable Software and Affected Versions Hamed Naderfar Compute Links versions 1.2.1 and earlier

Description The issue is related to improper control of filenames for Include/Require statements in PHP programs, allowing PHP Remote File Inclusion. This problem enables the inclusion of remote PHP files.

Recommendations For versions 1.2.1 and earlier, consider disabling the Include/Require statement functionality until a patch is available. Restrict access to vulnerable PHP files to minimize the risk of exploitation. Avoid using vulnerable filenames in Include/Require statements until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.