VYPR

Fabric

by Axiomthemes

CVEs (2)

  • CVE-2025-58941HigDec 18, 2025
    risk 0.53cvss 8.1epss 0.00

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Fabric fabric allows PHP Local File Inclusion.This issue affects Fabric: from n/a through <= 1.5.0.

  • CVE-2024-29154Mar 18, 2024
    risk 0.00cvss epss 0.00

    danielmiessler fabric through 1.3.0 allows installer/client/gui/static/js/index.js XSS because of innerHTML mishandling, such as in htmlToPlainText.