| CVE-2008-6082 | | 0.08 | — | 0.64 | | Feb 6, 2009 | Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command. |
| CVE-2010-2426 | | 0.05 | — | 0.30 | | Jun 24, 2010 | Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command. |
| CVE-2014-1843 | | 0.03 | — | 0.04 | | Apr 29, 2014 | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter. |
| CVE-2014-1842 | | 0.03 | — | 0.02 | | Apr 29, 2014 | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value. |
| CVE-2014-1841 | | 0.03 | — | 0.04 | | Apr 29, 2014 | Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter. |
| CVE-2008-5281 | | 0.03 | — | 0.01 | | Nov 29, 2008 | Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command. |
| CVE-2008-0702 | | 0.03 | — | 0.04 | | Feb 12, 2008 | Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0.5.549 allow remote attackers to cause a denial of service (daemon crash or hang) and possibly execute arbitrary code via a long argument to the (1) USER or (2) PASS command, different vectors than CVE-2004-1641. |
| CVE-2004-1641 | | 0.03 | — | 0.01 | | Aug 29, 2004 | Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST. |
| CVE-2004-0437 | | 0.03 | — | 0.01 | | Jul 7, 2004 | Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an invalid socket. |
| CVE-2010-2425 | | 0.00 | — | 0.01 | | Jun 24, 2010 | Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command. |
