cpe:/a:dutchmonkey:dm_filemanager:3.9.2 CVE-2009-1741 2009-05-20T15:30:00.390-04:00 2017-09-28T21:34:32.403-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-05-21T09:09:00.000-04:00 BID 35035 SECUNIA 35167 OSVDB 54597 EXPLOIT-DB 8741 Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.