Vulnerabilities > Bugada Andrea > PHP Advanced Transfer Manager > 1.20
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-13 | CVE-2006-4749 | Remote Security vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.20 Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) activate.php, (2) configure.php, (3) fileop.php, (4) getimg.php, (5) ipblocked.php, (6) register.php, (7) showrecent.php, (8) showtophits.php, (9) usrmanag.php, (10) viewer_bottom.php, (11) viewer_content.php, and (12) viewer_top.php. | 7.5 |
2006-09-06 | CVE-2006-4594 | Remote File Include vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.20 Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpAtm) 1.21 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the include_location parameter in (1) confirm.php or (2) login.php. | 7.5 |
2005-05-20 | CVE-2005-1681 | Remote Security vulnerability in Php Advanced Transfer Manager 1.20/1.21 PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php. | 7.5 |