Pablo Software Solutions
Products
7- 5 CVEs
- 4 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
14| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-36983 | Hig | 0.51 | 7.8 | 0.00 | Jan 27, 2026 | Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem… | ||
| CVE-2009-1602 | 0.03 | — | 0.03 | May 11, 2009 | Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote attackers to cause a denial of service (daemon outage or CPU consumption) via multiple long SMTP commands, as demonstrated by HELO commands. | |||
| CVE-2006-2027 | 0.03 | — | 0.04 | Apr 26, 2006 | Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a… | |||
| CVE-2005-2479 | 0.03 | — | 0.04 | Aug 5, 2005 | Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command. | |||
| CVE-2019-19943 | 0.00 | — | 0.04 | Feb 28, 2020 | The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free. | |||
| CVE-2006-3844 | 0.00 | — | 0.04 | Jul 25, 2006 | Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitrary commands via a long argument to the LIST command, a different issue than CVE-2006-2027. | |||
| CVE-2006-1391 | 0.00 | — | 0.02 | Mar 25, 2006 | The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension of a URL. | |||
| CVE-2006-1383 | 0.00 | — | 0.01 | Mar 24, 2006 | Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 allows remote authenticated users to determine existence of files outside the intended document root via unspecified manipulations, which generate different error messages depending on whether a file exists or… | |||
| CVE-2004-2747 | 0.00 | — | 0.01 | Dec 31, 2004 | Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. (dot dot) in the DEL command, which triggers different error… | |||
| CVE-2003-1299 | 0.00 | — | 0.01 | Dec 31, 2003 | Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command. | |||
| CVE-2003-1300 | 0.00 | — | 0.02 | Dec 31, 2003 | Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | |||
| CVE-2002-2209 | 0.00 | — | 0.01 | Dec 31, 2002 | Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors. | |||
| CVE-2002-1244 | 0.00 | — | 0.03 | Nov 12, 2002 | Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command. | |||
| CVE-2002-1054 | 0.00 | — | 0.02 | Oct 4, 2002 | Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. |
- risk 0.51cvss 7.8epss 0.00
Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem…
- CVE-2009-1602May 11, 2009risk 0.03cvss —epss 0.03
Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote attackers to cause a denial of service (daemon outage or CPU consumption) via multiple long SMTP commands, as demonstrated by HELO commands.
- CVE-2006-2027Apr 26, 2006risk 0.03cvss —epss 0.04
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a…
- CVE-2005-2479Aug 5, 2005risk 0.03cvss —epss 0.04
Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command.
- CVE-2019-19943Feb 28, 2020risk 0.00cvss —epss 0.04
The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free.
- CVE-2006-3844Jul 25, 2006risk 0.00cvss —epss 0.04
Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitrary commands via a long argument to the LIST command, a different issue than CVE-2006-2027.
- CVE-2006-1391Mar 25, 2006risk 0.00cvss —epss 0.02
The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension of a URL.
- CVE-2006-1383Mar 24, 2006risk 0.00cvss —epss 0.01
Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 allows remote authenticated users to determine existence of files outside the intended document root via unspecified manipulations, which generate different error messages depending on whether a file exists or…
- CVE-2004-2747Dec 31, 2004risk 0.00cvss —epss 0.01
Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. (dot dot) in the DEL command, which triggers different error…
- CVE-2003-1299Dec 31, 2003risk 0.00cvss —epss 0.01
Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command.
- CVE-2003-1300Dec 31, 2003risk 0.00cvss —epss 0.02
Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation.
- CVE-2002-2209Dec 31, 2002risk 0.00cvss —epss 0.01
Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors.
- CVE-2002-1244Nov 12, 2002risk 0.00cvss —epss 0.03
Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command.
- CVE-2002-1054Oct 4, 2002risk 0.00cvss —epss 0.02
Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command.