Improper Control of Filename for Include/Require...
Critical severity
Unreviewed
Published
Dec 9, 2025
to the GitHub Advisory Database
•
Updated Jan 20, 2026
Description
Published by the National Vulnerability Database
Dec 9, 2025
Published to the GitHub Advisory Database
Dec 9, 2025
Last updated
Jan 20, 2026
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in trippleS Turitor turitor allows PHP Local File Inclusion.This issue affects Turitor: from n/a through < 1.5.3.
References