Show filters
76 Total Results
Displaying 11-20 of 76
Sort by:
Attacker Value
Unknown

CVE-2018-20658

Disclosure Date: January 02, 2019 (last updated November 27, 2024)
The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.
0
0
Attacker Value
Unknown

CVE-2018-18861

Disclosure Date: November 20, 2018 (last updated November 27, 2024)
Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command.
0
0
Attacker Value
Unknown

CVE-2015-7601

Disclosure Date: September 29, 2015 (last updated October 05, 2023)
Directory traversal vulnerability in PCMan's FTP Server 2.0.7 allows remote attackers to read arbitrary files via a ..// (dot dot double slash) in a RETR command.
0
0
Attacker Value
Unknown

CVE-2013-4730

Disclosure Date: May 15, 2014 (last updated October 05, 2023)
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
0
0
Attacker Value
Unknown

CVE-2013-4742

Disclosure Date: August 09, 2013 (last updated October 05, 2023)
Buffer overflow in NetWin SurgeFTP before 23d2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string within the authentication request.
0
0
Attacker Value
Unknown

CVE-2012-6339

Disclosure Date: December 31, 2012 (last updated October 05, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow (2) remote authenticated administrators to inject arbitrary web script or HTML via a Messages field to the servermanager program.
0
0
Attacker Value
Unknown

CVE-2012-4729

Disclosure Date: October 26, 2012 (last updated October 05, 2023)
Wing FTP Server before 4.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via two zip commands.
0
0
Attacker Value
Unknown

CVE-2012-2999

Disclosure Date: October 04, 2012 (last updated October 05, 2023)
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify.
0
0
Attacker Value
Unknown

CVE-2012-5301

Disclosure Date: October 04, 2012 (last updated October 05, 2023)
The default configuration of Cerberus FTP Server before 5.0.4.0 supports the DES cipher for SSH sessions, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and performing a brute-force attack on the encrypted data.
0
0
Attacker Value
Unknown

CVE-2011-5164

Disclosure Date: September 15, 2012 (last updated October 05, 2023)
Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 through 2.2.10 allows remote FTP servers to execute arbitrary code via a crafted file name in a LIST command response.
0
0
View More Topics  < Previous  Next >