Dutchmonkey Dm Filemanager vulnerabilities
3 known vulnerabilities affecting dutchmonkey/dm_filemanager.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2009-2025P3HIGHCVSS 7.5PoCv3.9.22009-06-09
CVE-2009-2025 [HIGH] CWE-264 CVE-2009-2025: admin/login.php in DM FileManager 3.9.2 allows remote attackers to bypass authentication and gain ad
admin/login.php in DM FileManager 3.9.2 allows remote attackers to bypass authentication and gain administrative access by setting the (1) USER, (2) GROUPID, (3) GROUP, and (4) USERID cookies to certain values.
nvd
CVE-2009-1741P3MEDIUMCVSS 6.8PoCv3.9.22009-05-20
CVE-2009-1741 [MEDIUM] CWE-89 CVE-2009-1741: Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc i
Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
nvd
CVE-2009-2399P3MEDIUMCVSS 6.8PoCv3.9.42009-07-09
CVE-2009-2399 [MEDIUM] CWE-94 CVE-2009-2399: PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, whe
PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.
nvd