Adobe Download Manager vulnerabilities

CVE-2022-2926 [MEDIUM] CWE-22 CVE-2022-2926: The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which cou The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory

CVE-2020-9688 [HIGH] CWE-77 CVE-2020-9688: Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploita Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2019-8071 [CRITICAL] CWE-732 CVE-2019-8071: Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successfu Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.

CVE-2010-0189 [CRITICAL] CWE-20 CVE-2010-0189: A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2 A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site.

CVE-2006-5856 [MEDIUM] CVE-2006-5856: Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to exec Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.