CVE Tools

bugada andrea

OSS Librariesindividual-dev

10

Cumulative CVEs

5

Monthly snapshots

#9

Peak rank

Top products

php advanced transfer manager1

Latest CVEs

The 10 most recently published vulnerabilities affecting bugada andrea.

CVE-2007-2659Directory traversal vulnerability in index.php in PHP Advanced Transfer Manager (phpATM) 1.30 allows remote attackers to read arbitrary files and obtain script source code via a .. (dot dot) in the...5.0May 14, 2007
CVE-2006-4749Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) acti...7.5Sep 13, 2006
CVE-2006-4594Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpAtm) 1.21 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the include_location ...7.5Sep 6, 2006
CVE-2006-1209PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive information, including password hashes, under the web root with insufficient access control, which allows remote attackers to downlo...5.0Mar 14, 2006
CVE-2005-3000Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) norm...4.3Sep 20, 2005
CVE-2005-2999PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php.5.0Sep 20, 2005
CVE-2005-2998PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files.7.5Sep 20, 2005
CVE-2005-2997Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or t...5.0Sep 20, 2005
CVE-2005-1681PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location paramete...7.5May 25, 2005
CVE-2005-1604PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns",...7.5May 16, 2005