A improper control of filename for include/require statement in PHP program vulnerability in the retrieve course Information function of Wisdom Master Pro versions 5.0 through 5.2 allows remote attackers to perform arbitrary system commands by running a malicious file.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://zuso.ai/advisory/za-2025-03 |
Configurations
No configuration.
History
17 Apr 2025, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-04-17 03:15
Updated : 2025-04-17 20:21
NVD link : CVE-2025-31340
Mitre link : CVE-2025-31340
CVE.ORG link : CVE-2025-31340
JSON object : View
Products Affected
No product.
CWE
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')