CVE-2025-67616

Name of the Vulnerable Software and Affected Versions Mella versions prior to 1.2.30

Description Improper control of the filename for the Include/Require statement in the PHP program allows for Local File Inclusion. This occurs when the application does not sufficiently validate the file paths used in include or require functions, potentially allowing an attacker to read or execute files on the server.

Recommendations Update to a version later than 1.2.29.