Efileman : Security Vulnerabilities, CVEs, CVSS score >= 4
eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain unspecified user information via a direct request for cgi-bin/efileman/efileman_config.pm.
Max CVSS
5.0
EPSS Score
0.34%
Published
2007-10-30
Updated
2018-10-15
Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/upload_file." destination filenames, via unspecified vectors to upload.cgi, accessed from upload.html.
Max CVSS
6.4
EPSS Score
0.42%
Published
2007-10-30
Updated
2018-10-15
2 vulnerabilities found