VYPR

FTP Flask Python

by Ajaypp123

Source repositories

CVEs (1)

  • CVE-2025-57633CriSep 9, 2025
    risk 0.64cvss 9.8epss 0.01

    A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated remote attackers to execute arbitrary OS commands. The /ftp.html endpoint's "Upload File" action constructs a shell command from the ftp_file parameter and executes it using os.system()…