CVE-2009-0183 – Free Download Manager 2.5/3.0 - Authorisation Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-0183
Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request. • https://www.exploit-db.com/exploits/7986 https://www.exploit-db.com/exploits/16777 http://osvdb.org/51745 http://secunia.com/advisories/33524 http://secunia.com/secunia_research/2009-3 http://www.securityfocus.com/archive/1/500604/100/0/threaded http://www.securityfocus.com/bid/33554 http://www.vupen.com/english/advisories/2009/0302 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-3769 – PHP Download Manager 1.1.x - 'files.php' SQL Injection
https://notcve.org/view.php?id=CVE-2005-3769
SQL injection vulnerability in files.php in PHP Download Manager 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. • https://www.exploit-db.com/exploits/26544 http://www.osvdb.org/22827 http://www.securityfocus.com/bid/15517 •