CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2018-18912
https://notcve.org/view.php?id=CVE-2018-18912
13 May 2019 — An issue was discovered in Easy File Sharing (EFS) Web Server 7.2. A stack-based buffer overflow vulnerability occurs when a malicious POST request has been made to forum.ghp upon creating a new topic in the forums, which allows remote attackers to execute arbitrary code. Se descubrió un problema en Easy File Sharing (EFS) Web Server 7.2. Una vulnerabilidad de desbordamiento de búfer basado en pila se produce cuando se ha realizado una petición POST maliciosa a forum.ghp al crear un nuevo tema en los foros,... • https://github.com/notkisi/CVE-s/blob/master/CVE-2018-18912.py • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 74%CPEs: 1EXPL: 5CVE-2018-9059 – Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)
https://notcve.org/view.php?id=CVE-2018-9059
18 Apr 2018 — Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791. Desbordamiento de búfer basado en pila en Easy File Sharing (EFS) Web Server 7.2 permite que atacantes remotos ejecuten código arbitrario mediante un inicio de sesión malicioso en forum.ghp. NOTA: podría solaparse con CVE-2014-3791. Easy File Sharing Web Server version 7.2 suffers from a buffer overflow vulne... • https://packetstorm.news/files/id/147336 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 3CVE-2009-4809 – Easy File Sharing Web Server 4.8 - File Disclosure
https://notcve.org/view.php?id=CVE-2009-4809
23 Apr 2010 — Directory traversal vulnerability in thumbnail.ghp in Easy File Sharing (EFS) Web Server 4.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the vfolder parameter. Vulnerabilidad de salto de directorio en thumbnail.ghp en Easy File Sharing (EFS) Web Server v4.8 permite a atacantes remotos leer archivos de su elección a través del carácter .. (punto punto) en el parámetro vfolder. • https://www.exploit-db.com/exploits/8155 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •