Vulnerabilities > Bugada Andrea > PHP Advanced Transfer Manager > 1.21
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-20 | CVE-2005-1681 | Remote Security vulnerability in Php Advanced Transfer Manager 1.20/1.21 PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php. | 7.5 |
2005-05-16 | CVE-2005-1604 | Unspecified vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.21 PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code. | 7.5 |