CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0736 – EFS Easy File Sharing FTP Login denial of service
https://notcve.org/view.php?id=CVE-2024-0736
A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://0day.today/exploit/39249 https://vuldb.com/?ctiid.251559 https://vuldb.com/?id.251559 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-2024-0693 – EFS Easy File Sharing FTP denial of service
https://notcve.org/view.php?id=CVE-2024-0693
A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://0day.today/exploit/description/39218 https://packetstormsecurity.com/files/176377/Easy-File-Sharing-FTP-Server-2.0-Denial-Of-Service.html https://vuldb.com/?ctiid.251479 https://vuldb.com/?id.251479 https://www.youtube.com/watch?v=Rcl6VWg_bPY • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50897 – Media File Renamer <= 5.7.7 - Authenticated(Administrator+) Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-50897
The Media File Renamer: Rename Files (Manual, Auto & AI) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.7.7. This makes it possible for authenticated attackers, with administrator access and above, to execute code on the server by renaming files containing PHP code. • CWE-73: External Control of File Name or Path •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-44227 – WordPress Simple File List Plugin <= 6.1.9 is vulnerable to Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2023-44227
Missing Authorization vulnerability in Mitchell Bennis Simple File List.This issue affects Simple File List: from n/a through 6.1.9. Vulnerabilidad de falta de autorización en Mitchell Bennis Simple File List. Este problema afecta a Simple File List: desde n/a hasta 6.1.9. The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion in versions up to, and including, 6.1.9. This is due to insufficient controls on files passed to a deletion function. • https://github.com/codeb0ss/CVE-2023-44227-PoC https://patchstack.com/database/vulnerability/simple-file-list/wordpress-simple-file-list-plugin-6-1-8-arbitrary-file-deletion?_s_id=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-48554 – file: stack-based buffer over-read in file_copystr in funcs.c
https://notcve.org/view.php?id=CVE-2022-48554
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. A flaw was found in file, a program used to identify a particular file according to the type of data contained by the file. This issue occurs when processing a specially crafted file, causing a stack-based buffer over-read, resulting in an application crash. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/24 http://seclists.org/fulldisclosure/2024/Mar/25 https://bugs.astron.com/view.php?id=310 https://security.netapp.com/advisory/ntap-20231116-0002 https://support.apple.com/kb/HT214081 https://support.apple.com/kb/HT214084 https://support.apple.com/kb/HT214086 https://support.apple.com/kb/HT214088 https://www.debian.org/security/2023/dsa-5489 https://access.redhat.com/security&# • CWE-125: Out-of-bounds Read •