Page 4 of 30 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the web interface in Cerberus FTP Server before 2.46 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el interfaz web del servidor FTP Cerberus anterior al 2.46, permite a atacantes remotos la inyección de secuencias de comandos web o HTML de su elección a través de vectores sin especificar. • http://osvdb.org/38789 http://secunia.com/advisories/27569 http://www.cerberusftp.com/cerberus-releasenotes.htm#ReleaseNotes http://www.securityfocus.com/bid/26381 http://www.vupen.com/english/advisories/2007/3805 https://exchange.xforce.ibmcloud.com/vulnerabilities/38320 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 6%CPEs: 16EXPL: 2

Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer. Desbordamiento de búfer en ArgoSoft FTP Server 1.4.3.6 permite a atacantes remotos ejecutar código arbitrario a través de Unicode en el comando RNTO, según lo demostrado por el Infigo FTPStress Fuzzer. • http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html http://marc.info/?l=bugtraq&m=114658586018818&w=2 http://secunia.com/advisories/19934 http://www.infigo.hr/en/in_focus/tools http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03 http://www.osvdb.org/25216 http://www.securityfocus.com/bid/17789 http://www.vupen.com/english/advisories/2006/1639 https://exchange.xforce.ibmcloud.com/vulnerabilities/26197 •

CVSS: 7.5EPSS: 10%CPEs: 3EXPL: 0

Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue was later reported to also affect 1.4.3.5. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042523.html http://secunia.com/advisories/14526 http://securityreason.com/securityalert/494 http://securitytracker.com/id?1015681 http://www.securityfocus.com/archive/1/392653 http://www.securityfocus.com/archive/1/426081/100/0/threaded http://www.securityfocus.com/bid/12755 https://www.securinfos.info/english/security-advisories-alerts/20060225_ArGoSoft.FTP.Server_Heap.Overflow.html •

CVSS: 10.0EPSS: 1%CPEs: 12EXPL: 0

ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519. • http://secunia.com/advisories/14372 http://www.argosoft.com/ftpserver/changelist.aspx http://www.osvdb.org/14061 http://www.securityfocus.com/bid/12632 https://exchange.xforce.ibmcloud.com/vulnerabilities/19442 •

CVSS: 10.0EPSS: 1%CPEs: 12EXPL: 0

ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520. • http://secunia.com/advisories/14172 http://www.argosoft.com/ftpserver/changelist.aspx http://www.osvdb.org/13614 http://www.securityfocus.com/bid/12487 https://exchange.xforce.ibmcloud.com/vulnerabilities/17939 •