漏洞描述
PHP Advanced Transfer Manager 1.30存在源码泄露漏洞,此漏洞是由于应用程序对'current_dir'和'filename'参数数据验证不足导致的。
PHP Advanced Transfer Manager 1.30 源码泄露漏洞
PoC代码
暂无相关漏洞推荐
- phpMyFAQ /api/setup/backup 信息泄露漏洞(CVE-2025-69200)
- ETAP Safety Manager 跨站脚本漏洞
- PHP 安全漏洞
- Campcodes Advanced_voting_management_system不正确的权限分配漏洞(CVE-2025-14889)
- POC CVE-2019-10647: ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE)
- POC CVE-2020-26836: SAP Solution Manager - Open Redirect
- POC bitrix-log-file-disclosure: Bitrix Site Manager - Log File Disclosure
- POC nexus-repository-anonymous-access: Nexus Repository Manager - Anonymous Access Enabled
- POC CVE-2018-17082: Apache2 - Transfer-Encoding Chunked XSS
- POC CVE-2019-25213: WordPress Advanced Access Manager - Path Traversal
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- POC aem-anonymous-write: Adobe Experience Manager (AEM) - Anonymous JCR Node Creation
- POC functions-php-disclosure: functions.php Full Path Disclosure