PT-2025-12939 · Hostiko · Hostiko

Bonds

·

Published

2025-03-26

·

Updated

2025-03-26

·

CVE-2025-27015

CVSS v3.1

7.5

High

VectorAV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Hostiko versions prior to 30.1
Description The issue affects the Hostiko software, allowing for PHP Local File Inclusion due to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion'.
Recommendations For versions prior to 30.1, update to version 30.1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-98

Related Identifiers

CVE-2025-27015

Affected Products

Hostiko