Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1604


Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1604
Last Modified 05 Sep 2008 04:49:35
Published 16 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code.

Vulnerable Systems


  • Bugada Andrea Php Advanced Transfer Manager 1.21


BID - 13542

BUGTRAQ - 20051029 uplod phpshell in PHP Advanced Transfer Manager

BUGTRAQ - 20051030 Re: uplod phpshell in PHP Advanced Transfer Manager

OSVDB - 16160

SECUNIA - 15279

BUGTRAQ - 20050506 PHP Advanced Transfer Manager v1.21

Last Updated: 27 May 2016 10:40:14