Dm Filemanager

dm_filemanager

Vendor: Dutchmonkey • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2009-2399 1Dutchmonkey 1Dm Filemanager Apr 23, 2026 Jul 9, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE para...Show more PHP remote file inclusion vulnerability in dm-albums/template/album.php in DM FileManager 3.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.Show less
CVE-2009-2025 1Dutchmonkey 1Dm Filemanager Apr 23, 2026 Jun 9, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 admin/login.php in DM FileManager 3.9.2 allows remote attackers to bypass authentication and gain administrative access by setting the (1) USER, (2) GROUPID, (3) GROUP, and (4) USERID cookies to certain values.
CVE-2009-1741 1Dutchmonkey 1Dm Filemanager Apr 23, 2026 May 20, 2009 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.