CVE-2025-30901

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JoomSky JS Help Desk allows PHP Local File Inclusion. This issue affects JS Help Desk: from n/a through 2.9.2. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt