QTO : Security Vulnerabilities, CVEs, CVSS score >= 6
Unrestricted file upload vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request.
Max CVSS
7.5
EPSS Score
4.07%
Published
2008-05-07
Updated
2018-10-11
Directory traversal vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to modify arbitrary files via a .. (dot dot) sequence in the edit parameter.
Max CVSS
6.4
EPSS Score
0.51%
Published
2006-07-07
Updated
2018-10-18
2 vulnerabilities found