Phase:PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files.
ReferencesMISC:http://rgod.altervista.org/phpatm130.html
Votes:Assigned (Tuesday, September 20, 2005)
Comments:None (candidate not yet proposed)
F7: