CVE-2023-53894

phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. Attackers can craft specific password hashes beginning with 0e or 00e to bypass authentication and upload malicious PHP files to the server...

EUVD-2023-60196

phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. Attackers can craft specific password hashes beginning with 0e or 00e to bypass authentication and upload malicious PHP files to the server...

CVE-2023-53894 phpfm 1.7.9 Authentication Bypass via Type Juggling Vulnerability

phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by exploiting loose type comparison in password hash validation. Attackers can craft specific password hashes beginning with 0e or 00e to bypass authentication and upload malicious PHP files to the server...

PT-2025-51742

Name of the Vulnerable Software and Affected Versions phpfm version 1.7.9 Description phpfm version 1.7.9 contains an authentication bypass. This occurs due to a loose type comparison during password hash validation. Attackers can bypass authentication by crafting specific password hashes startin...

EUVD-2005-4418

Malware in sbrugna...

CVE-2005-4423

Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell."...

phpFileManager 0.9.8 - Remote Command Execution

Exploit Title: Remote Command Execution Google Dork: intitle: PHP Remote Command Execution Date: 2015-07-28 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: phpfm.sourceforge.net Software Link: phpfm.sourceforge.net Version: 0.9.8 Tested on: windows 7 SP1...

PHPFM Arbitrary File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15335/info PHPFM is prone to an arbitrary file upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the Web server process. This may facilitate...

CVE-2005-4423

Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell."...

CVE-2005-4423

CVE-2005-4423 affects PHPFM older than 0.2.3. The issue is an unrestricted file upload vulnerability that lets remote authenticated users upload a file with an executable extension (e.g., .php ) to an accessible directory and thereby execute arbitrary code under the web server's privileges. Explo...

CVE-2005-4423

Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell."...

phpfm.txt

upload phpshell in PHPFM discovered by rUnViRuS www.worlddefacers.net www.security-arab.com =-=-=-=-=-=-=-=-= the code shell :- --------------- save as cmd.php now upload in PHPFM =-=-=-= Used Shell =-=-=-= www.site.com/file upload name/files/cmd.php?cmd=command linux...

PHPFM Arbitrary File Upload

The remote host appears to be running PHPFM, a web-based file manager written in PHP. The version of PHPFM installed on the remote host allows anyone to upload arbitrary files and then to execute them subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C Tenable Network...

upload phpshell in PHPFM

upload phpshell in PHPFM discovered by rUnViRuS www.worlddefacers.net www.security-arab.com =-=-=-=-=-=-=-=-= the code shell :- --------------- pre ? passthru$GET'cmd'; ? save as cmd.php now upload in PHPFM =-=-=-= Used Shell =-=-=-= www.site.com/file upload name/files/cmd.php?cmd=command linux...

PHPFM - Arbitrary File Upload

source: https://www.securityfocus.com/bid/15335/info PHPFM is prone to an arbitrary file upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the Web server process. This may facilitate unauthorized access or privilege...