PT-2026-45741 · Fermentio · Fermentio
Published
2026-06-02
·
Updated
2026-06-04
·
CVE-2025-58897
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Fermentio versions prior to 1.5.1
Description
Improper Control of Filename for Include/Require Statement in PHP Program allows Local File Inclusion. This occurs when the application fails to properly validate the filename used in PHP include or require statements, potentially allowing an attacker to include and execute local files on the server.
Recommendations
Update to a version newer than 1.5.0.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Fermentio