CVE-2026-32500

Name of the Vulnerable Software and Affected Versions CreativeWS MetaMax versions through 1.1.4

Description A flaw exists in the handling of filenames used in include/require statements within the PHP program, specifically in CreativeWS MetaMax. This allows for PHP Local File Inclusion. The issue impacts the application's ability to securely manage file inclusion, potentially leading to unauthorized access or code execution.

Recommendations Versions prior to 1.1.4 should be updated.