CVE-2025-13792

A security flaw has been discovered in Qualitor up to 8.20.104/8.24.97. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing a manipulation of the argument passageiros results in code injection. Remote exploitation of the attack...

PT-2025-22854 · Qualitor · Qualitor

Name of the Vulnerable Software and Affected Versions: Qualitor version 8.20 Description: A critical issue affects some unknown functionality of the file /html/ad/adconexaooffice365/request/testaConexaoOffice365.php. The manipulation of the nmconexao argument leads to command injection. This issu...

PT-2024-33091 · Qualitor · Qualitor

Name of the Vulnerable Software and Affected Versions: Qualitor versions 8.24 and below Description: The issue is related to a Server-Side Request Forgery SSRF in the component /request/viewValidacao.php. This allows for an unauthenticated server-side request forgery vulnerability. Recommendation...

PT-2024-31278 · Qualitor · Qualitor

Name of the Vulnerable Software and Affected Versions: Qualitor versions up to 8.24 Description: The issue concerns Remote Code Execution RCE via Arbitrary File Upload in the checkAcesso.php file. This allows for the execution of remote code, potentially leading to unauthorized access and control...