Security Advisory

CVE-2019-25579

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-21 15:30:37

Last updated 2026-03-24 14:23:10

Assigner VulnCheck

State PUBLISHED

Description

phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the path parameter. Attackers can send requests to the jQueryFileUploadmaster server endpoint with traversal sequences ../../../../../../ to list and retrieve files outside the intended directory.

← Browse all CVEs View on cve.org ↗