Vulnerabilities > Efileman > Efileman
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-30 | CVE-2007-5735 | Permissions, Privileges, and Access Controls vulnerability in Efileman 7.1.0.8788 eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm. | 5.0 |
| 2007-10-30 | CVE-2007-5734 | Improper Input Validation vulnerability in Efileman 7.1.0.8788 Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/upload_file." destination filenames, via unspecified vectors to upload.cgi, accessed from upload.html. | 6.4 |