Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.1
FlashMart Store Website Allows Unwanted Access to Local Files
CVE-2026-28048
Summary
A security issue in FlashMart store software allows an attacker to access sensitive files on the website's server. This could lead to unauthorized data exposure or system compromise. Update the software to the latest version (2.0.16 or later) to fix this problem.
Original title
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech FlashMart flashmart allows PHP Local File Inclusion.This issue aff...
Original description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magentech FlashMart flashmart allows PHP Local File Inclusion.This issue affects FlashMart: from n/a through <= 2.0.15.
nvd CVSS3.1
8.1
Vulnerability type
CWE-98
Improper Control of Filename for Include
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026