Vulnerabilities > Bugada Andrea > PHP Advanced Transfer Manager > 1.21

DATE	CVE	VULNERABILITY TITLE	RISK
2005-05-20	CVE-2005-1681	Remote Security vulnerability in Php Advanced Transfer Manager 1.20/1.21 PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php. network low complexity bugada-andrea	7.5
2005-05-16	CVE-2005-1604	Unspecified vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.21 PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code. network low complexity bugada-andrea	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.