CVE-2026-39611
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes KuteShop allows PHP Local File Inclusion.This issue affects KuteShop: from n/a through <= 4.2.9.
HIGH · CVSS 7.5
EPSS 0.00147
Schedule remediation
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0