Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2008-2110
Disclosure Date: May 07, 2008 (last updated October 04, 2023)
Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request.
0
Attacker Value
Unknown
CVE-2006-3405
Disclosure Date: July 07, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) delete, (2) pathext, and (3) edit parameters.
0
Attacker Value
Unknown
CVE-2006-3406
Disclosure Date: July 07, 2006 (last updated October 04, 2023)
Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. (dot dot) sequence in the edit parameter.
0
Attacker Value
Unknown
CVE-2006-3132
Disclosure Date: June 22, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php.
0
