Nixpkgs security tracker
Permalink
CVE-2025-52816
8.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): HIGH
- Availability impact (A): HIGH
WordPress Zita theme <= 1.6.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehunk Zita allows PHP Local File Inclusion. This issue affects Zita: from n/a through 1.6.5.
References
Affected products
zita
- =<1.6.5
Matching in nixpkgs
pkgs.zitadel
Identity and access management platform
pkgs.zita-at1
Autotuner Jack application to correct the pitch of vocal tracks
pkgs.zita-ajbridge
Connect additional ALSA devices to JACK
pkgs.zita-njbridge
command line Jack clients to transmit full quality multichannel audio over a local IP network
pkgs.zitadel-tools
Helper tools for zitadel
pkgs.zita-alsa-pcmi
Successor of clalsadrv, provides easy access to ALSA PCM devices
pkgs.zita-convolver
Convolution library by Fons Adriaensen
pkgs.zita-resampler
Resample library by Fons Adriaensen
Package maintainers
-
@orivej Orivej Desh <orivej@gmx.fr>
-
@magnetophon Bart Brouns <bart@magnetophon.nl>
-
@nrabulinski Nikodem Rabuliński <1337-nix@nrab.lol>