Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
Fana Fana: Malicious Files Can Be Loaded from Local Computer
CVE-2025-68539
Summary
A security flaw in Fana Fana allows hackers to access and read files from a local computer. This could potentially allow them to access sensitive information. Users should update to a fixed version of Fana Fana to protect against this risk.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: f...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Fana fana allows PHP Local File Inclusion.This issue affects Fana: from n/a through <= 1.1.35.
nvd CVSS3.1
8.1
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026