Xtreme Scripts : Security Vulnerabilities, CVEs, CVSS score >= 6
Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php.
Max CVSS
7.5
EPSS Score
13.70%
Published
2006-06-12
Updated
2018-10-18
1 vulnerabilities found