FTP
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-4583 | 0.03 | — | 0.06 | Oct 15, 2008 | Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname in the SavePkcs8File method. | |||
| CVE-2024-0693 | 0.00 | — | 0.01 | Jan 18, 2024 | A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been… | |||
| CVE-2022-28998 | 0.00 | — | 0.02 | May 23, 2022 | Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code. | |||
| CVE-2020-14057 | 0.00 | — | 0.03 | Jul 1, 2020 | Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common deployments. | |||
| CVE-2020-14055 | 0.00 | — | 0.01 | Jul 1, 2020 | Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding. | |||
| CVE-2019-19668 | 0.00 | — | 0.00 | Feb 10, 2020 | A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html. | |||
| CVE-2019-19667 | 0.00 | — | 0.00 | Feb 10, 2020 | A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html. | |||
| CVE-2019-19664 | 0.00 | — | 0.00 | Feb 10, 2020 | A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html. | |||
| CVE-2004-1429 | 0.00 | — | 0.01 | Dec 31, 2004 | ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be entered, which makes it easier for remote attackers to guess passwords via a brute force attack. |
- CVE-2008-4583Oct 15, 2008risk 0.03cvss —epss 0.06
Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname in the SavePkcs8File method.
- CVE-2024-0693Jan 18, 2024risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been…
- CVE-2022-28998May 23, 2022risk 0.00cvss —epss 0.02
Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code.
- CVE-2020-14057Jul 1, 2020risk 0.00cvss —epss 0.03
Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common deployments.
- CVE-2020-14055Jul 1, 2020risk 0.00cvss —epss 0.01
Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding.
- CVE-2019-19668Feb 10, 2020risk 0.00cvss —epss 0.00
A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.
- CVE-2019-19667Feb 10, 2020risk 0.00cvss —epss 0.00
A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.
- CVE-2019-19664Feb 10, 2020risk 0.00cvss —epss 0.00
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.
- CVE-2004-1429Dec 31, 2004risk 0.00cvss —epss 0.01
ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be entered, which makes it easier for remote attackers to guess passwords via a brute force attack.