Posted by Imre Rad on Jan 27

PHP File Manager 0.9.8 (http://phpfm.sourceforge.net/) is vulnerable to
authentication bypass due to insecure implementation of register globals
emulation. An attacker is able to override the blockKeys array and thus
build a valid session and access all the protected functionality (including
execution of shell commands) without actual knowledge of the password set.

PoC URLs:…