14 matches found
EUVD-2019-19901
phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the idnews parameter. Attackers can send crafted GET requests to GeneratePDF.php with SQL payloads in the idnews parameter to extract...
CVE-2019-25579
phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the path parameter. Attackers can send requests to the jQueryFileUploadmaster server endpoint with traversal sequences ../../../../../../ to list and...
CVE-2019-25578
This CVE affects phpTransformer 2016.9. The SQL injection vulnerability occurs in GeneratePDF.php via the idnews parameter, allowing remote attackers to craft GET requests that execute arbitrary SQL, potentially exposing sensitive data or manipulating queries. Root cause: improper handling of use...
CVE-2019-25578 phpTransformer 2016.9 SQL Injection via GeneratePDF.php
phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the idnews parameter. Attackers can send crafted GET requests to GeneratePDF.php with SQL payloads in the idnews parameter to extract...
CVE-2019-25579
phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the path parameter. Attackers can send requests to the jQueryFileUploadmaster server endpoint with traversal sequences ../../../../../../ to list and...
phpTransformer 路径遍历漏洞
phpTransformer is a content management system developed by the Lebanese company phpTransformer. The version 2016.9 of phpTransformer has a path traversal vulnerability. This vulnerability stems from an SQL injection vulnerability in the idnews parameter, which could allow remote attackers to...
phpTransformer 路径遍历漏洞
phpTransformer is a content management system developed by the Lebanese company phpTransformer. The version 2016.9 of phpTransformer has a path traversal vulnerability. This vulnerability stems from the path parameters allowing directory traversal, which could enable unauthenticated attackers to...
SUSE SLES11 Security Update : SUSE Manager Client Tools (SUSE-SU-2021:14753-1)
The remote SUSE Linux SLES11 / SLESSAP11 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:14753-1 advisory. - In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege...
SaltStack Salt 操作系统命令注入漏洞
Saltstack SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack Saltstack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions 2016.9 through 3002.6, which stems from a comma...
phpTransformer 2016.9 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: phpTransformer 2016.9 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link: https://netcologne.dl.sourceforge.net/project/phptransformer/Version%202016.9/release2016.9.zip Versio...
phpTransformer 2016.9 Directory Traversal
Exploit Title: phpTransformer 2016.9 - Directory Traversal Dork: N/A Date: 2019-01-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link: https://netcologne.dl.sourceforge.net/project/phptransformer/Version%202016.9/release2016.9.zip Version: 2016.9 Category:...
phpTransformer 2016.9 - Directory Traversal
phpTransformer 2016.9 - Directory Traversal Exploit Title: phpTransformer 2016.9 - Directory Traversal Dork: N/A Date: 2019-01-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link:...
phpTransformer 2016.9 - SQL Injection
Exploit Title: phpTransformer 2016.9 - SQL Injection Dork: N/A Date: 2019-01-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link: https://netcologne.dl.sourceforge.net/project/phptransformer/Version%202016.9/release2016.9.zip Version: 2016.9 Category: Webapps...
phpTransformer 2016.9 - SQL Injection
phpTransformer 2016.9 - SQL Injection Exploit Title: phpTransformer 2016.9 - SQL Injection Dork: N/A Date: 2019-01-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link:...