Vulnerabilities > QTO
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-05-07 | CVE-2008-2110 | Improper Input Validation vulnerability in QTO Qtofilemanager 1.0 Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request. | 7.5 |
2006-07-07 | CVE-2006-3406 | Directory Traversal vulnerability in QTO Qtofilemanager 1.0 Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. | 6.4 |
2006-07-07 | CVE-2006-3405 | Cross-Site Scripting vulnerability in QTO Qtofilemanager 1.0 Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) delete, (2) pathext, and (3) edit parameters. network qto | 5.8 |
2006-06-22 | CVE-2006-3132 | Cross-Site Scripting vulnerability in QTO Qtofilemanager 1.0 Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php. network qto | 5.8 |