Vulnerabilities and security researches forlicense-envato license-envato

Apr 25, 2025

CVE, Research URL: CVE-2025-39399
Home page URL: Security reports for License For Envato
Application: License For Envato
Date: Apr 24, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashraful Sarkar Naiem License For Envato allows PHP Local File Inclusion. This issue affects License For Envato: from n/a through 1.0.0.
Affected versions: max 1.0.0.
Status: vulnerable

Apr 14, 2025

CVE, Research URL: CVE-2025-32566
Home page URL: Security reports for License For Envato
Application: License For Envato
Date: Apr 17, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashraful Sarkar Naiem License For Envato allows Reflected XSS. This issue affects License For Envato: from n/a through 1.0.0.
Affected versions: max 1.0.0.
Status: vulnerable