CVE-2025-13792 | Qualitor 8.20/8.24 getResumo.php eval passageiros code injection

A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing manipulation of the argument passageiros results in code injection.

This vulnerability is known as CVE-2025-13792. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More