Blackshoe

**Name of the Vulnerable Software and Affected Versions** File Upload Manager (affected versions not specified) **Description** The issue allows remote attackers to upload arbitrary files by modifying the `test` variable to contain a value of '~~~~~~' (six tildes), which bypasses the file extension checks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mtnpeak.net File Upload Manager (affected versions not specified) **Description** The issue concerns a lack of proper user authentication checks for certain actions, allowing remote attackers to manipulate file parameters. This can lead to reading arbitrary files via the "view" action or deleting arbitrary files via the "del" action by providing a modified base64-encoded file parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.