Vulnerabilities > Dmxready > Registration Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2009-06-27 CVE-2009-2238 Unspecified vulnerability in Dmxready Registration Manager 1.1
Unrestricted file upload vulnerability in includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp in DMXReady Registration Manager 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/webblogmanager.
network
dmxready
6.8
2009-05-29 CVE-2009-1821 Permissions, Privileges, and Access Controls vulnerability in Dmxready Registration Manager 1.1
DMXReady Registration Manager 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for databases/webblogmanager.mdb.
network
low complexity
dmxready CWE-264
5.0