Max's File Uploader allows for arbitrary PHP shell uploads.
512a5ad614075b20cc55bfcab17b676e8ba9ae9db739868c178709d29ca07082
Korean GHBoard suffers from arbitrary upload/download vulnerabilities.
143511d1607a676dfff68db0774fe89fcd9f929fb31244f1a6bd04f5fa7e8cb9
eFileMan 7.x suffers from arbitrary file upload and direct configuration file access vulnerabilities.
4b3ef141a7745c449b88d5d6b8f2eef50d39f62a972dcbbef1c85fbe3e966269
eLuisa's Download Script suffers from an arbitrary file download vulnerability.
5a8ef2903e52bad8de8a944878ec570fbad24b87e2b8341a637935e75cd6b776
The phpBasic Music Module suffers from SQL injection and remote file inclusion vulnerabilities.
2ff80468a8ac54ef4313711d48841b289ffa6572aec9338e32bfdee7bc3655e8