6 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://0day.today/exploit/39249 https://vuldb.com/?ctiid.251559 https://vuldb.com/?id.251559 • CWE-404: Improper Resource Shutdown or Release •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3

A vulnerability classified as problematic was found in EFS Easy File Sharing FTP 2.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://0day.today/exploit/description/39218 https://packetstormsecurity.com/files/176377/Easy-File-Sharing-FTP-Server-2.0-Denial-Of-Service.html https://vuldb.com/?ctiid.251479 https://vuldb.com/?id.251479 https://www.youtube.com/watch?v=Rcl6VWg_bPY • CWE-404: Improper Resource Shutdown or Release •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1

An issue was discovered in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code. Se descubrió un problema en Easy File Sharing (EFS) Web Server 7.2. Una vulnerabilidad de desbordamiento de búfer basado en pila se produce cuando se ha realizado una petición POST maliciosa a forum.ghp al crear un nuevo tema en los foros, lo que permite a los atacantes remotos ejecutar código arbitrario. • https://github.com/notkisi/CVE-s/blob/master/CVE-2018-18912.py • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 34%CPEs: 1EXPL: 3

Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791. Desbordamiento de búfer basado en pila en Easy File Sharing (EFS) Web Server 7.2 permite que atacantes remotos ejecuten código arbitrario mediante un inicio de sesión malicioso en forum.ghp. NOTA: podría solaparse con CVE-2014-3791. Easy File Sharing Web Server version 7.2 suffers from a buffer overflow vulnerability. • https://www.exploit-db.com/exploits/44522 https://www.exploit-db.com/exploits/44485 https://github.com/manojcode/easy-file-share-7.2-exploit-CVE-2018-9059 http://packetstormsecurity.com/files/147246/Easy-File-Sharing-Web-Server-7.2-Buffer-Overflow.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 3

Directory traversal vulnerability in thumbnail.ghp in Easy File Sharing (EFS) Web Server 4.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the vfolder parameter. Vulnerabilidad de salto de directorio en thumbnail.ghp en Easy File Sharing (EFS) Web Server v4.8 permite a atacantes remotos leer archivos de su elección a través del carácter .. (punto punto) en el parámetro vfolder. • https://www.exploit-db.com/exploits/8155 http://secunia.com/advisories/34121 http://www.exploit-db.com/exploits/8155 http://www.securityfocus.com/bid/33973 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •