Filtered by vendor Efileman
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-5734 | 1 Efileman | 1 Efileman | 2018-10-15 | 6.4 MEDIUM | N/A |
Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/upload_file." destination filenames, via unspecified vectors to upload.cgi, accessed from upload.html. | |||||
CVE-2007-5735 | 1 Efileman | 1 Efileman | 2018-10-15 | 5.0 MEDIUM | N/A |
eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm. |