CVE-2025-60240

Publication date

2025-11-06 15:55:10

Family

Patchstack

State

PUBLISHED

Description

Improper Control of Filename for Include/Require Statement in PHP Program (PHP Remote File Inclusion) vulnerability in Alexander AnyComment anycomment allows PHP Local File Inclusion.This issue affects AnyComment: from n/a through <= 0.3.6.