5 matches found
CVE-2005-2819
DownFile 1.3 allows remote attackers to gain administrator privileges via a direct request to 1 update.php, 2 del.php, and 3 addform.php...
CVE-2005-2818
Cross-site scripting XSS vulnerability in DownFile 1.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter to 1 email.php,2 index.php, 3 del.php, or 4 addform.php...
CVE-2005-2818
CVE-2005-2818 concerns a cross-site scripting (XSS) vulnerability in DownFile 1.3. The issue arises from unvalidated input in the id parameter passed to four PHP scripts (email.php, index.php, del.php, add_form.php), enabling remote attackers to inject arbitrary JavaScript/HTML. The available doc...
CVE-2005-2819
DownFile 1.3 allows remote attackers to gain administrator privileges via a direct request to 1 update.php, 2 del.php, and 3 addform.php...
CVE-2005-2819
CVE-2005-2819 affects DownFile 1.3. Remote attackers can gain administrator privileges through direct HTTP requests to update.php, del.php, and add_form.php. The provided materials describe the affected components and impact but do not specify the underlying root cause or a verified exploit metho...