Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Many high-profile firms using vulnerable PHP File Manager: researcher

Many high-profile firms using vulnerable PHP File Manager: researcher

2015/07/27

Securityweek - (International) A security researcher identified several vulnerabilities in Revived Wire Media's PHP File Manager application, including the existence of a default user account with backdoor access to systems running the software, lack of protection for the user database, and arbitrary file upload vulnerabilities, among other flaws. Many firms reportedly still use the application even though it has not been updated since its release in 2010 - 2011.

Source: http://www.securityweek.com/many-high-profile-firms-using-vulnerable-php-file-manager-researcher

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:49