VYPR
Unrated severityNVD Advisory· Published Jun 14, 2006· Updated Jun 16, 2026

CVE-2006-3015

CVE-2006-3015

Description

Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or download arbitrary files via encoded spaces and double-quote characters in a scp or sftp URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Winscp/Winscp2 versions
    cpe:2.3:a:winscp:winscp:3.8.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:winscp:winscp:3.8.1:*:*:*:*:*:*:*
    • (no CPE)range: = 3.8.1 build 328

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.