PT-2026-27931 · Lovedate · Lovedate
Published
2026-03-25
·
Updated
2026-03-30
·
CVE-2026-25381
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
LoveDate versions prior to 3.8.6
Description
A flaw exists in the handling of filenames used in include/require statements within the PHP program LoveDate. This can lead to a PHP Local File Inclusion issue. The issue allows for the inclusion of local PHP files.
Recommendations
Update LoveDate to version 3.8.6 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Lovedate