CVE-2025-54034

Name of the Vulnerable Software and Affected Versions: Tribulant Software Newsletters versions not specified through 4.10

Description: The software contains an improper control of filename for include/require statement, leading to a PHP Local File Inclusion issue.

Recommendations: Versions prior to 4.10 should be updated. At the moment, there is no information about a newer version that contains a fix for this vulnerability.