CVE-2026-51925
09.07.2026, 21:16
A Local File Inclusion (LFI) vulnerability exists in docuForm GmbH Client v.11.11c that allows a remote attacker to execute arbitrary code via the dfm-menu_report.php component. Attackers can exploit this flaw to read arbitrary files on the server, including sensitive configuration files, source code or system files.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.