CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0736 – EFS Easy File Sharing FTP Login denial of service
https://notcve.org/view.php?id=CVE-2024-0736
A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://0day.today/exploit/39249 https://vuldb.com/?ctiid.251559 https://vuldb.com/?id.251559 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-2024-0693 – EFS Easy File Sharing FTP denial of service
https://notcve.org/view.php?id=CVE-2024-0693
A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://0day.today/exploit/description/39218 https://packetstormsecurity.com/files/176377/Easy-File-Sharing-FTP-Server-2.0-Denial-Of-Service.html https://vuldb.com/?ctiid.251479 https://vuldb.com/?id.251479 https://www.youtube.com/watch?v=Rcl6VWg_bPY • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-48554 – file: stack-based buffer over-read in file_copystr in funcs.c
https://notcve.org/view.php?id=CVE-2022-48554
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. A flaw was found in file, a program used to identify a particular file according to the type of data contained by the file. This issue occurs when processing a specially crafted file, causing a stack-based buffer over-read, resulting in an application crash. • http://seclists.org/fulldisclosure/2024/Mar/21 http://seclists.org/fulldisclosure/2024/Mar/24 http://seclists.org/fulldisclosure/2024/Mar/25 https://bugs.astron.com/view.php?id=310 https://security.netapp.com/advisory/ntap-20231116-0002 https://support.apple.com/kb/HT214081 https://support.apple.com/kb/HT214084 https://support.apple.com/kb/HT214086 https://support.apple.com/kb/HT214088 https://www.debian.org/security/2023/dsa-5489 https://access.redhat.com/security&# • CWE-125: Out-of-bounds Read •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2023-3784 – Dooblou WiFi File Explorer cross site scripting
https://notcve.org/view.php?id=CVE-2023-3784
A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched remotely. • https://seclists.org/fulldisclosure/2023/Jul/37 https://vuldb.com/?ctiid.235051 https://vuldb.com/?id.235051 https://www.vulnerability-lab.com/get_content.php?id=2317 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2023-3783 – Webile HTTP POST Request cross site scripting
https://notcve.org/view.php?id=CVE-2023-3783
A vulnerability was found in Webile 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP POST Request Handler. The manipulation of the argument new_file_name/c leads to cross site scripting. It is possible to launch the attack remotely. • https://seclists.org/fulldisclosure/2023/Jul/38 https://vuldb.com/?ctiid.235050 https://vuldb.com/?id.235050 https://www.vulnerability-lab.com/get_content.php?id=2321 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •