RSS   Vulnerabilities for 'Allmanage'   RSS



The file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages.



The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.


Copyright 2024,


Back to Top