CVE-2025-30868

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 27, 2025

CWE ID 98

Summary

CVE-2025-30868 is a new vulnerability affecting DynamicWebLab Team Manager. This issue, classified as a PHP Remote File Inclusion vulnerability, stems from a lack of proper control over the filename used in include/require statements within PHP programs. An attacker can exploit this weakness to include local files, putting the system at risk. The flaw can be found in versions of Team Manager ranging from n/a to 2.1.23. It is essential to apply the necessary patches to mitigate this vulnerability and prevent potential unauthorized access or data leakage.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/4tB_IW
https://www.cve.org/CVERecord?id=CVE-2025-30868
https://nvd.nist.gov/vuln/detail/CVE-2025-30868

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2025-30868

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations