3 matches found
Authentication flaw
admin/login.php in DM FileManager 3.9.2 allows remote attackers to bypass authentication and gain administrative access by setting the 1 USER, 2 GROUPID, 3 GROUP, and 4 USERID cookies to certain values...
CVE-2009-1741
Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields...
DM FileManager 3.9.2 (Auth Bypass) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================== DM FileManager 3.9.2 Auth Bypass SQL Injection Vulnerability ==============================================================...