Php Advanced Transfer Manager@1.20 Security Vulnerabilities and Issues — Php Advanced Transfer Manager@1.20 CVE List

Lucene search

Bugada AndreaPhp Advanced Transfer Manager1.20

3 matches found

CVE•added 2006/03/14 1:6 a.m.•39 views

CVE-2006-1209

PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive information, including password hashes, under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for a users/[USERNAME] file.

5CVSS6.9AI score0.08486EPSS

CVE•added 2006/09/06 10:4 p.m.•37 views

CVE-2006-4594

Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpAtm) 1.21 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the include_location parameter in (1) confirm.php or (2) login.php. NOTE: the include_location parameter to index.php is al...

7.5CVSS7.7AI score0.03079EPSS

CVE•added 2006/09/13 10:7 p.m.•32 views

CVE-2006-4749

Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) activate.php, (2) configure.php, (3) fileop.php, (4) getimg.php, (5) ipblocked.php, (6) register.php, (7) ...

7.5CVSS7.6AI score0.03079EPSS