← Back

Codnloc

codnloc

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Phptransformer
phptransformer
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-25579
1Codnloc
1Phptransformer
Mar 23, 2026
Mar 21, 2026
8.7 HIGH· v4
7.5 HIGH· v3
N/A· v2
phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the path parameter. Attackers can send requests to the jQueryFileUploadma...Show more
phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the path parameter. Attackers can send requests to the jQueryFileUploadmaster server endpoint with traversal sequences ../../../../../../ to list and retrieve files outside the intended directory.Show less
CVE-2019-25578
1Codnloc
1Phptransformer
Mar 26, 2026
Mar 21, 2026
8.8 HIGH· v4
8.2 HIGH· v3
N/A· v2
phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the idnews parameter. Attackers can send crafted GET request...Show more
phpTransformer 2016.9 contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the idnews parameter. Attackers can send crafted GET requests to GeneratePDF.php with SQL payloads in the idnews parameter to extract sensitive database information or manipulate queries.Show less