CVE-2019-25579

phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the path parameter. Attackers can send requests to the jQueryFileUploadmaster server endpoint with traversal sequences ../../../../../../ to list and...

CVE-2019-25578 phpTransformer 2016.9 SQL Injection via GeneratePDF.php

phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the idnews parameter. Attackers can send crafted GET requests to GeneratePDF.php with SQL payloads in the idnews parameter to extract...

CVE-2019-25579

phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the path parameter. Attackers can send requests to the jQueryFileUploadmaster server endpoint with traversal sequences ../../../../../../ to list and...

phpTransformer 2016.9 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: phpTransformer 2016.9 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link: https://netcologne.dl.sourceforge.net/project/phptransformer/Version%202016.9/release2016.9.zip Versio...

phpTransformer 2016.9 Directory Traversal

Exploit Title: phpTransformer 2016.9 - Directory Traversal Dork: N/A Date: 2019-01-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link: https://netcologne.dl.sourceforge.net/project/phptransformer/Version%202016.9/release2016.9.zip Version: 2016.9 Category:...