CVE-2025-49261 – ThemBay Diza PHP Remote File Inclusion Vulnerability

June 17, 2025

CVE ID : CVE-2025-49261

Published : June 17, 2025, 3:15 p.m. | 2 hours, 59 minutes ago

Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in thembay Diza allows PHP Local File Inclusion. This issue affects Diza: from n/a through 1.3.8.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49330 – Bigin Zoho CRM Contact Form 7 Object Injection Vulnerability

Next Article CVE-2025-49415 – Fastw3b LLC FW Gallery Path Traversal Vulnerability

8 Top AI Agent Development Companies Transforming Node.js Automation (2025–2026 Edition)

Representative Line: Reduced to a Union

Functional Personas With AI: A Lean, Practical Workflow

Vibe Coding vs React.js AI-Assisted Coding: A C-Suite Comparison (2025)

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

Development Release: Fedora 43 Beta

Distribution Release: Murena 3.1.1

Shopping Portal using Python Django & MySQL

Shopping Portal using Python Django & MySQL

Perficient Earns Adobe’s Real-time CDP Specialization

What is Microsoft Copilot?

Distribution Release: Mauna Linux 25

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

Development Release: Fedora 43 Beta

CVE-2025-49261 – ThemBay Diza PHP Remote File Inclusion Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

20+ Incredible Photoshop Actions for Sketching Effects in 2025

CVE-2025-29662 – LandChat Remote Code Execution (RCE)

Microsoft bans exploitative devs from “selling” Gamerscore on Xbox and bundle spamming the store — gamers rejoice

Samsung offers enticing preorder deal for new Galaxy foldable phones ahead of July Unpacked

Hard-Coded ‘b’ Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

CVE-2025-3946 – Honeywell Experion PKS and OneWireless WDM Remote Code Execution via Input Data Manipulation

CrushFTP Servers Hit by Critical Zero-Day Vulnerability CVE-2025-54309

COSMIC Desktop di System76: completata la configurazione iniziale verso la versione stabile

CVE-2025-49261 – ThemBay Diza PHP Remote File Inclusion Vulnerability

Related Posts