CVE-2025-52814 – Ovatheme BRW PHP RFI Vulnerability

June 27, 2025

CVE ID : CVE-2025-52814

Published : June 27, 2025, 12:15 p.m. | 2 hours, 14 minutes ago

Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in ovatheme BRW allows PHP Local File Inclusion. This issue affects BRW: from n/a through 1.7.9.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52815 – AncoraThemes CityGov PHP Remote File Inclusion Vulnerability

Next Article CVE-2025-52812 – ApusWP Domnoo PHP Local File Inclusion Vulnerability

Highlights

CVE-2025-7797 – GPAC Dash Client Null Pointer Dereference Remote Vulnerability

July 18, 2025

CVE ID : CVE-2025-7797

Published : July 18, 2025, 6:15 p.m. | 4 hours, 31 minutes ago

Description : A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gf_dash_download_init_segment of the file src/media_tools/dash_client.c. The manipulation of the argument base_init_url leads to null pointer dereference. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 153ea314b6b053db17164f8bc3c7e1e460938eaa. It is recommended to apply a patch to fix this issue.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Xbox’s Age of Empires 2: Definitive Edition is getting The Three Kingdoms DLC, bringing new units, campaigns, and more

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-52814 – Ovatheme BRW PHP RFI Vulnerability

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

Gamers bypass UK age verification with Death Stranding — no real face or VPN required

Fuel your creativity with new generative media models and tools

CVE-2025-0691 – Devolutions Server Access Control Bypass

CVE-2025-6288 – PHPGurukul Bus Pass Management System Cross Site Scripting (XSS)

CVE-2025-7797 – GPAC Dash Client Null Pointer Dereference Remote Vulnerability

Xbox’s Age of Empires 2: Definitive Edition is getting The Three Kingdoms DLC, bringing new units, campaigns, and more

Data Management & Optimization [SUBSCRIBER]

With iOS 26, Apple finally makes your iPhone’s Photos app usable again

CVE-2025-52814 – Ovatheme BRW PHP RFI Vulnerability

Related Posts