cbcvebase.

Qto Qtofilemanager vulnerabilities

4 known vulnerabilities affecting qto/qtofilemanager.

Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2008-2110P3HIGHCVSS 7.5PoCv1.02008-05-07
CVE-2008-2110 [HIGH] CWE-20 CVE-2008-2110: Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request.
nvd
CVE-2006-3405P4MEDIUMCVSS 5.8PoCv1.02006-07-07
CVE-2006-3405 [MEDIUM] CVE-2006-3405: Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) delete, (2) pathext, and (3) edit parameters.
nvd
CVE-2006-3406P4MEDIUMCVSS 6.4v1.02006-07-07
CVE-2006-3406 [MEDIUM] CVE-2006-3406: Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modi Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. (dot dot) sequence in the edit parameter.
nvd
CVE-2006-3132P4MEDIUMCVSS 5.8v1.02006-06-22
CVE-2006-3132 [MEDIUM] CVE-2006-3132: Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php.
nvd
Qto Qtofilemanager vulnerabilities | cvebase