CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-11383
https://notcve.org/view.php?id=CVE-2019-11383
An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml Un problema fue encontrado en la aplicación Medha WiFi servidor FTP versión 1.8.3 para Android. Un atacante puede leer el nombre de username/password de una usuario válido a través de/data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.XML • https://pastebin.com/6uT9jhDR •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-9668
https://notcve.org/view.php?id=CVE-2019-9668
An issue was discovered in rovinbhandari FTP through 2012-03-28. receive_file in file_transfer_functions.c allows remote attackers to cause a denial of service (daemon crash) via a 0xffff datalen field value. Se descubrió un problema en rovinbhandari FTP hasta el 28/03/2012. La función receive_file en el archivo file_transfer_functions.c, permite a atacantes remotos causar una denegación de servicio (bloqueo del demonio) por medio de un valor del campo datalen 0xffff. • https://packetstormsecurity.com/files/152058/robinbhandari-FTP-Remote-Denial-Of-Service.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 1CVE-2018-18861 – PCManFTPD 2.0.7 Server APPE Command Buffer Overflow
https://notcve.org/view.php?id=CVE-2018-18861
Buffer overflow in PCMan FTP Server 2.0.7 allows for remote code execution via the APPE command. Desbordamiento de búfer en PCMan FTP Server 2.0.7 permite la ejecución remota de código mediante el comando APPE. • http://packetstormsecurity.com/files/150174/PCManFTPD-2.0.7-Server-APPE-Command-Buffer-Overflow.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12481
https://notcve.org/view.php?id=CVE-2018-12481
The Olive Tree Ftp Server application 1.32 for Android has a "Sensitive Data on the Clipboard" vulnerability, as demonstrated by reading the "User password" field with the Drozer post.capture.clipboard module. La aplicación Olive Tree Ftp Server 1.32 para Android tiene una vulnerabilidad de datos sensibles en el portapapeles, tal y como queda demostrado con la lectura del campo "User password" con el módulo post.capture.clipboard de Drozer. • https://pastebin.com/sp5nMhvc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5310 – Media from FTP Plugin < 9.85 - Directory Traversal
https://notcve.org/view.php?id=CVE-2018-5310
In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI. En el plugin "Media from FTP" en versiones anteriores a la 9.85 para WordPress, existe salto de directorio mediante el parámetro searchdir en el URI wp-admin/admin.php?page=mediafromftp-search-register. The Media from FTP Plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 9.84 via the searchdir parameter to the wp-admin/admin.php? • https://github.com/d4wner/Vulnerabilities-Report/blob/master/media-from-ftp.md https://wordpress.org/plugins/media-from-ftp/#developers https://wordpress.org/support/topic/any-directory-traversal-bugs-at-the-latest-version-of-media-from-ftp • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •