Dmxready Registration Manager vulnerabilities
2 known vulnerabilities affecting dmxready/registration_manager.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-2238P3MEDIUMCVSS 6.8PoCv1.12009-06-27
CVE-2009-2238 [MEDIUM] CVE-2009-2238: Unrestricted file upload vulnerability in includes/shared_scripts/wysiwyg_editor/assetmanager/assetm
Unrestricted file upload vulnerability in includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp in DMXReady Registration Manager 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in assets/webblogmanager.
nvd
CVE-2009-1821P3MEDIUMCVSS 5.0PoCv1.12009-05-29
CVE-2009-1821 [MEDIUM] CWE-264 CVE-2009-1821: DMXReady Registration Manager 1.1 stores sensitive information under the web root with insufficient
DMXReady Registration Manager 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for databases/webblogmanager.mdb.
nvd