Qto Qtofilemanager vulnerabilities
4 known vulnerabilities affecting qto/qtofilemanager.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2008-2110P3HIGHCVSS 7.5PoCv1.02008-05-07
CVE-2008-2110 [HIGH] CWE-20 CVE-2008-2110: Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to
Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request.
nvd
CVE-2006-3405P4MEDIUMCVSS 5.8PoCv1.02006-07-07
CVE-2006-3405 [MEDIUM] CVE-2006-3405: Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers
Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) delete, (2) pathext, and (3) edit parameters.
nvd
CVE-2006-3406P4MEDIUMCVSS 6.4v1.02006-07-07
CVE-2006-3406 [MEDIUM] CVE-2006-3406: Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modi
Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. (dot dot) sequence in the edit parameter.
nvd
CVE-2006-3132P4MEDIUMCVSS 5.8v1.02006-06-22
CVE-2006-3132 [MEDIUM] CVE-2006-3132: Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers
Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php.
nvd