RSS   Podatności dla 'Qtofilemanager'   RSS

2008-05-07
 
CVE-2008-2110

CWE-20
 

 
Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request.

 
2006-07-06
 
CVE-2006-3406

CWE-Other
 

 
Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. (dot dot) sequence in the edit parameter.

 
 
CVE-2006-3405

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) delete, (2) pathext, and (3) edit parameters.

 
2006-06-21
 
CVE-2006-3132

CWE-Other
 

 
Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top