Vulnerabilities > Bugada Andrea > PHP Advanced Transfer Manager > 1.20

DATE	CVE	VULNERABILITY TITLE	RISK
2006-09-13	CVE-2006-4749	Remote Security vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.20 Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) activate.php, (2) configure.php, (3) fileop.php, (4) getimg.php, (5) ipblocked.php, (6) register.php, (7) showrecent.php, (8) showtophits.php, (9) usrmanag.php, (10) viewer_bottom.php, (11) viewer_content.php, and (12) viewer_top.php. network low complexity bugada-andrea	7.5
2006-09-06	CVE-2006-4594	Remote File Include vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.20 Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpAtm) 1.21 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the include_location parameter in (1) confirm.php or (2) login.php. network low complexity bugada-andrea	7.5
2005-05-20	CVE-2005-1681	Remote Security vulnerability in Php Advanced Transfer Manager 1.20/1.21 PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php. network low complexity bugada-andrea	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.