CVSS: 7.8EPSS: 4%CPEs: 2EXPL: 3CVE-2008-7012 – Accellion File Transfer Appliance Error Report Message - Open Email Relay
https://notcve.org/view.php?id=CVE-2008-7012
19 Aug 2009 — courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters. courier/1000@/api_error_email.html (tambien conocido como "error reporting page") en Accellion File Transfer Appliance FTA_7_0_178, y posiblemente otras versiones anteriores de FTA_7_0_189, permite a atacantes remotos enviar spam a través de los paráme... • https://www.exploit-db.com/exploits/32382 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2008-3850 – Accellion File Transfer - Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-3850
27 Aug 2008 — Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Accellion File Transfer FTA_7_0_135 permite a atacantes remotos inyectar web script o HTML a través de PATH_INFO de courier/forgot_password.html. • https://www.exploit-db.com/exploits/32290 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •