PT-2025-7865 · Deetronix · Deetronix Affiliate Coupons

Peter Thaleikis

Published

2025-02-25

Updated

2025-02-27

CVE-2025-26957

CVSS v3.1

7.5

High

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Deetronix Affiliate Coupons versions 1.7.3 and earlier

Description The issue is related to improper control of filename for include/require statement in PHP programs, also known as 'PHP Remote File Inclusion' vulnerability. This allows PHP Local File Inclusion, which can be exploited.

Recommendations For Deetronix Affiliate Coupons versions 1.7.3 and earlier, update to a version later than 1.7.3 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-98

Related Identifiers

CVE-2025-26957

Affected Products

Deetronix Affiliate Coupons

PT-2025-7865 · Deetronix · Deetronix Affiliate Coupons

CVE-2025-26957

Weakness Enumeration

Related Identifiers

Affected Products

References · 7