VYPR

Efileman

by Efileman

CVEs (2)

  • CVE-2007-5734Oct 30, 2007
    risk 0.00cvss epss 0.01

    Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/upload_file." destination filenames, via unspecified vectors to upload.cgi, accessed from upload.html.

  • CVE-2007-5735Oct 30, 2007
    risk 0.00cvss epss 0.00

    eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm.