PT-2024-36151 · Axeptio · Axeptio
H0J3N
·
Published
2024-12-18
·
Updated
2024-12-18
·
CVE-2024-54270
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Axeptio versions n/a through 2.5.3
Description:
The issue affects Axeptio, allowing PHP Local File Inclusion due to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion'.
Recommendations:
For Axeptio versions n/a through 2.5.3, update to a version later than 2.5.3 to resolve the issue.
At the moment, there is no information about additional mitigation measures for this specific vulnerability.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Axeptio