VYPR
Vendor

FTP

Products
3
CVEs
10
Across products
10
Status
Private

Products

3

Recent CVEs

10
  • CVE-2014-125114HigJul 25, 2025
    risk 0.61cvss epss 0.01

    A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling of the Time attribute within Schedule.xml. By placing a specially crafted Schedule.xml file in the i-Ftp application directory, a remote attacker can trigger a buffer overflow…

  • CVE-2025-34299Nov 7, 2025
    risk 0.09cvss epss 0.73

    Monsta FTP versions 2.11 and earlier contain a vulnerability that allows unauthenticated arbitrary file uploads. This flaw enables attackers to execute arbitrary code by uploading a specially crafted file from a malicious (S)FTP server.

  • CVE-2007-6232Dec 4, 2007
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action.

  • CVE-2023-22551Jan 1, 2023
    risk 0.01cvss epss 0.02

    The FTP (aka "Implementation of a simple FTP client and server") project through 96c1a35 allows remote attackers to cause a denial of service (memory consumption) by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc…

  • CVE-1999-0082Nov 11, 1988
    risk 0.01cvss epss 0.08

    CWD ~root command in ftpd allows root access.

  • CVE-2019-25614Mar 22, 2026
    risk 0.00cvss epss 0.01

    Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized payload. Attackers can authenticate with anonymous credentials and send a malicious…

  • CVE-1999-1078Jul 29, 1999
    risk 0.00cvss epss 0.02

    WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.

  • CVE-1999-0351Feb 1, 1999
    risk 0.00cvss epss 0.01

    FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client.

  • CVE-1999-0081Jan 11, 1997
    risk 0.00cvss epss 0.02

    wu-ftp allows files to be overwritten via the rnfr command.

  • CVE-1999-0201Jan 1, 1997
    risk 0.00cvss epss 0.06

    A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.