Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
PatioTime allows hackers to read files on your server
CVE-2025-67992
Summary
A security issue in PatioTime allows hackers to read sensitive files on your server by manipulating a file path. This is a serious issue because it could allow unauthorized access to your server's data. You should update to the latest version of PatioTime (2.1 or later) to fix this issue.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LoftOcean PatioTime patiotime allows PHP Local File Inclusion.This issue aff...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LoftOcean PatioTime patiotime allows PHP Local File Inclusion.This issue affects PatioTime: from n/a through < 2.1.
nvd CVSS3.1
8.1
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026