CVE-2025-48292 – GoodLayers Tourmaster PHP Remote File Inclusion Vulnerability

May 28, 2025

CVE ID : CVE-2025-48292

Published : May 23, 2025, 1:15 p.m. | 5 days ago

Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in GoodLayers Tourmaster allows PHP Local File Inclusion. This issue affects Tourmaster: from n/a through 5.3.8.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3864 – Hackney HTTP Connection Pool Exhaustion Vulnerability

Next Article CVE-2025-48289 – AncoraThemes Kids Planet Deserialization of Untrusted Data Object Injection Vulnerability

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

Steam takes down tons of porn games, cracks down on “certain kinds of adult-only content” — here’s why, and its new policy

Oblivion Remastered and Metal Gear Solid Delta co-developer Virtuos faces layoffs — with 270 workers cut

The details of TC39’s last meeting

The details of TC39’s last meeting

Notes Android App Using SQLite

How to Get Security Patches for Legacy Unsupported Node.js Versions

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

Steam takes down tons of porn games, cracks down on “certain kinds of adult-only content” — here’s why, and its new policy

CVE-2025-48292 – GoodLayers Tourmaster PHP Remote File Inclusion Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

NVIDIA AI Releases Describe Anything 3B: A Multimodal LLM for Fine-Grained Image and Video Captioning

Trend Micro meldt kritiek RCE-lek in beveiligingsplatform Apex Central

CVE-2025-31144 – Quick Agent Windows RCE Vulnerability

CVE-2025-5224 – Campcodes Online Hospital Management System SQL Injection Vulnerability

Apple will give you a free pair of AirPods when you buy a MacBook or iPad for school – here’s who’s eligible

CVE-2025-4783 – Elementor Exclusive Addons WordPress Stored Cross-Site Scripting Vulnerability

CVE-2025-4838 – Kanwangzjm Funiture Open Redirect Vulnerability

CVE-2025-31231 – Apple macOS Sequoia Location Information Disclosure Vulnerability

CVE-2025-48292 – GoodLayers Tourmaster PHP Remote File Inclusion Vulnerability

Related Posts