EUVD-2019-20137
eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to pdf.php with crafted SQL payloads in the 'id' parameter to extract sensitive...
CVE-2019-25707 eBrigade ERP 4.5 SQL Injection via pdf.php
eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to pdf.php with crafted SQL payloads in the 'id' parameter to extract sensitive...
CVE-2025-15526 Fancy Product Designer | WooCommerce WordPress <= 6.4.8 - Unauthenticated Full Path Disclosure via 'pdf' Parameter
The Fancy Product Designer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 6.4.8. This is due to improper error handling in the PDF upload functionality that exposes server filesystem paths and stack traces in error messages. This makes it possible...
CVE-2025-15526
CVE-2025-15526 affects Fancy Product Designer for WordPress. All versions up to 6.4.8 are vulnerable to unauthenticated Full Path Disclosure via error handling in the PDF upload process, exposing server filesystem paths and stack traces. This information could assist other attacks; practical expl...
CVE-2024-51392
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component...
Lingdang CRM Path Traversal Vulnerability
Lingdang CRM is a customer relationship management system from the Chinese company Lingdang. A path traversal vulnerability exists in Lingdang CRM version 8.6.4.3 and earlier versions, which stems from the url parameter in the file /crm/data/pdf.php and can lead to path...