CVE-2026-57794 in Golo Framework Plugininfo

Summary

by MITRE • 07/13/2026

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in uxper Golo Framework golo-framework allows PHP Local File Inclusion.This issue affects Golo Framework: from n/a through <= 1.7.3.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 07/13/2026

The PHP Remote File Inclusion vulnerability in the uxper Golo Framework represents a critical security flaw that enables attackers to execute arbitrary code through improper handling of filename parameters in include/require statements. This vulnerability falls under CWE-88, which specifically addresses improper neutralization of special elements used in SQL commands, and more broadly aligns with CWE-94, which covers improper control of generation of code. The issue manifests when the framework fails to properly validate or sanitize user-supplied input that is subsequently used in PHP include or require functions, creating an avenue for remote attackers to manipulate the execution flow.

The technical exploitation occurs when the Golo Framework processes user-controllable parameters that are directly incorporated into file inclusion directives without adequate sanitization. Attackers can leverage this weakness by supplying malicious filenames or URLs that point to remote servers hosting attacker-controlled code. The vulnerability affects all versions from the initial release through version 1.7.3, indicating a prolonged exposure window where organizations using this framework remained susceptible to exploitation. This flaw operates at the application layer and can be classified under ATT&CK technique T1505.003 for PHP remote file inclusion attacks within the application deployment category.

The operational impact of this vulnerability extends beyond simple code execution, as it provides attackers with the capability to read arbitrary files on the server, potentially accessing sensitive configuration files, database credentials, or other confidential data. Successful exploitation could lead to complete system compromise, allowing attackers to establish persistent backdoors, escalate privileges, or use the compromised system as a launch point for further attacks within the network infrastructure. The vulnerability's severity is compounded by its potential for automated exploitation through common web application attack patterns and its availability in widely-used framework versions.

Organizations utilizing the Golo Framework should immediately implement mitigations including input validation and sanitization of all parameters used in file inclusion operations, disabling remote file inclusion capabilities in PHP configuration, and implementing proper access controls. The recommended approach involves enforcing strict whitelisting of acceptable filenames, implementing proper parameter validation routines, and ensuring that PHP's allow_url_include directive is disabled in the php.ini configuration. Additionally, regular security updates and patches should be applied to move beyond affected versions, while network monitoring can help detect potential exploitation attempts through unusual file access patterns or outbound connections to suspicious domains.

Responsible

Patchstack

Reservation

06/25/2026

Disclosure

07/13/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!