cleantalk
Vulnerabilities and Security Researches

FULL – Cliente, CVE-2025-26757

CVE, Research URL

CVE-2025-26757

Home page URL

Security reports for FULL – Cliente

Application

FULL – Cliente

Published on
Feb 22, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FULL SERVICES FULL Customer allows PHP Local File Inclusion. This issue affects FULL Customer: from n/a through 3.1.26.
Affected versions
Min -, max 3.1.27.
Status
vulnerable
Previous vulnerability researches
FULL – Cliente (CVE-2024-9211) , Oct 12, 2024
FULL – Cliente (CVE-2023-4242) , Jun 07, 2024
FULL – Cliente (CVE-2023-4243) , Jun 07, 2024
FULL – Cliente (CVE-2024-54313) , Dec 15, 2024
FULL – Cliente (CVE-2025-26757) , Feb 24, 2025
New vulnerability
Job Listings (CVE-2025-3918) , May 04, 2025
Popups, Email Popup, Exit Intent Pop Up, Upsell Pop Up, Cart Abandonment Popups, Contact Form Builder – Personizely (CVE-2025-3779) , May 04, 2025
VerticalResponse Newsletter Widget (CVE-2025-4172) , May 04, 2025
Subpage List (CVE-2025-4168) , May 04, 2025
OTP-less one tap Sign in (CVE-2025-3746) , May 04, 2025