Lucene search

K
Bugada AndreaPhp Advanced Transfer Manager

5 matches found

CVE
CVE
added 2006/09/06 10:4 p.m.37 views

CVE-2006-4594

Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpAtm) 1.21 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the include_location parameter in (1) confirm.php or (2) login.php. NOTE: the include_location parameter to index.php is al...

7.5CVSS7.7AI score0.03079EPSS
CVE
CVE
added 2005/09/20 10:3 p.m.35 views

CVE-2005-2998

PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files.

7.5CVSS8AI score0.00763EPSS
CVE
CVE
added 2005/05/16 4:0 a.m.34 views

CVE-2005-1604

PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code.

7.5CVSS7.1AI score0.07806EPSS
CVE
CVE
added 2006/09/13 10:7 p.m.32 views

CVE-2006-4749

Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) activate.php, (2) configure.php, (3) fileop.php, (4) getimg.php, (5) ipblocked.php, (6) register.php, (7) ...

7.5CVSS7.6AI score0.03079EPSS
CVE
CVE
added 2005/05/25 4:0 a.m.29 views

CVE-2005-1681

PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php.

7.5CVSS7.7AI score0.025EPSS