Lucene search
K

66 matches found

CNVD
CNVD
added 2016/05/10 12:0 a.m.4 views

Accellion File Transfer Appliance Arbitrary Command Execution Vulnerability

Accellion File Transfer Appliance FTA is a file transfer solution from Accellion USA. The solution supports file transfer, file sharing, file transfer tracking and reporting, and more. A security vulnerability exists in Accellion FTA versions prior to FTA91240. A remote attacker can exploit the...

8.8CVSS7.6AI score0.05381EPSS
Exploits0References1
CNVD
CNVD
added 2016/05/10 12:0 a.m.4 views

Accellion File Transfer Appliance SQL Injection Vulnerability

Accellion File Transfer Appliance FTA is a file transfer solution from Accellion USA. The solution supports file transfer, file sharing, file transfer tracking and reporting, and more. Accellion FTA A SQL injection vulnerability exists in the home/seos/courier/securitykey2.api file in versions...

9.8CVSS8.6AI score0.01579EPSS
Exploits1References1
CNVD
CNVD
added 2016/05/10 12:0 a.m.7 views

Accellion File Transfer Appliance Privilege Gain Vulnerability

Accellion File Transfer Appliance FTA is a file transfer solution from Accellion USA. The solution supports file transfer, file sharing, file transfer tracking and reporting, and more. A security vulnerability exists in Accellion FTA versions prior to FTA91240. A local attacker can exploit the...

7.8CVSS6.8AI score0.00473EPSS
Exploits1References1
CNVD
CNVD
added 2016/05/10 12:0 a.m.5 views

Accellion File Transfer Appliance Cross-Site Scripting Vulnerability

Accellion File Transfer Appliance FTA is a file transfer solution from Accellion USA. The solution supports file transfer, file sharing, file transfer tracking and reporting, and more. A cross-site scripting vulnerability exists in Accellion FTA versions prior to FTA91240. A remote attacker can...

6.1CVSS6.1AI score0.00938EPSS
Exploits1References1
OSV
OSV
added 2016/05/07 2:59 p.m.3 views

CVE-2016-2353

The Accellion File Transfer Appliance FTA before FTA91240 allows local users to add an SSH key to an arbitrary group, and consequently gain privileges, via unspecified vectors...

7.8CVSS5.9AI score0.00473EPSS
Exploits1References2
OSV
OSV
added 2016/05/07 2:59 p.m.3 views

CVE-2016-2352

The Accellion File Transfer Appliance FTA before FTA91240 allows remote authenticated users to execute arbitrary commands by leveraging the YUMCLIENT restricted-user role...

8.8CVSS6AI score0.05381EPSS
Exploits0References2
OSV
OSV
added 2016/05/07 2:59 p.m.4 views

CVE-2016-2351

SQL injection vulnerability in home/seos/courier/securitykey2.api on the Accellion File Transfer Appliance FTA before FTA91240 allows remote attackers to execute arbitrary SQL commands via the clientid parameter...

9.8CVSS6.1AI score0.01579EPSS
Exploits1References2
Prion
Prion
added 2016/05/07 2:59 p.m.23 views

Authentication flaw

The Accellion File Transfer Appliance FTA before FTA91240 allows remote authenticated users to execute arbitrary commands by leveraging the YUMCLIENT restricted-user role...

6.5CVSS7.7AI score0.05381EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2016/05/07 2:59 p.m.20 views

Sql injection

SQL injection vulnerability in home/seos/courier/securitykey2.api on the Accellion File Transfer Appliance FTA before FTA91240 allows remote attackers to execute arbitrary SQL commands via the clientid parameter...

7.5CVSS9AI score0.01579EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2016/05/07 2:0 p.m.56 views

CVE-2016-2351

CVE-2016-2351 affects the Accellion File Transfer Appliance (FTA) prior to FTA_9_12_40. The vulnerability is an SQL injection in the file path home/seos/courier/security_key2.api that allows a remote attacker to execute arbitrary SQL commands via the client_id parameter, as documented by NVD and ...

9.8CVSS9.9AI score0.01579EPSS
Exploits1References2Affected Software1
Saint
Saint
added 2015/07/16 12:0 a.m.35 views

Accellion FTA getStatus command injection

Added: 07/16/2015 CVE: CVE-2015-2857 Background The Accellion File Transfer Appliance is a solution for secure file sharing. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands contained in the oauthtoken parameter to the getStatus action. Resolution...

9.8CVSS10AI score0.84178EPSS
Exploits12
Saint
Saint
added 2015/07/16 12:0 a.m.37 views

Accellion FTA getStatus command injection

Added: 07/16/2015 CVE: CVE-2015-2857 Background The Accellion File Transfer Appliance is a solution for secure file sharing. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands contained in the oauthtoken parameter to the getStatus action. Resolution...

7.5CVSS10AI score0.84178EPSS
Exploits12
Saint
Saint
added 2015/07/16 12:0 a.m.29 views

Accellion FTA getStatus command injection

Added: 07/16/2015 CVE: CVE-2015-2857 Background The Accellion File Transfer Appliance is a solution for secure file sharing. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands contained in the oauthtoken parameter to the getStatus action. Resolution...

9.8CVSS10AI score0.84178EPSS
Exploits12
Saint
Saint
added 2015/07/16 12:0 a.m.43 views

Accellion FTA getStatus command injection

Added: 07/16/2015 CVE: CVE-2015-2857 Background The Accellion File Transfer Appliance is a solution for secure file sharing. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands contained in the oauthtoken parameter to the getStatus action. Resolution...

9.2CVSS10AI score0.84178EPSS
Exploits12
Metasploit
Metasploit
added 2015/07/08 6:42 p.m.70 views

Accellion FTA 'statecode' Cookie Arbitrary File Read

This module exploits a file disclosure vulnerability in the Accellion File Transfer appliance. This vulnerability is triggered when a user-provided 'statecode' cookie parameter is appended to a file path that is processed as a HTML template. By prepending this cookie with directory traversal...

9.8CVSS8.2AI score0.84178EPSS
Exploits12
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Accellion File Transfer - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30796/info Accellion File Transfer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Accellion Secure File Transfer Appliance Multiple Command Restriction Weakness Local Privilege Escalation

No description provided by source. source: http://www.securityfocus.com/bid/38176/info Accellion File Transfer Appliance is prone to multiple remote vulnerabilities, including: - Multiple privilege-escalation issues - A directory-traversal issue - An HTML-injection issue - A remote...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Accellion File Transfer Appliance Error Report Message - Open Email Relay Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31178/info Accellion File Transfer Appliance is prone to an open-email-relay vulnerability. An attacker could exploit this issue by constructing a script that would send unsolicited spam to an unrestricted amount of email...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2011/03/11 5:37 p.m.10 views

Accellion FTA MPIPE2 Command Execution

This module exploits a chain of vulnerabilities in the Accellion File Transfer appliance. This appliance exposes a UDP service on port 8812 that acts as a gateway to the internal communication bus. This service uses Blowfish encryption for authentication, but the appliance ships with two easy to...

7.9AI score
Exploits0
Exploit DB
Exploit DB
added 2011/03/11 12:0 a.m.23 views

Accellion File Transfer Appliance MPIPE2 - Command Execution (Metasploit)

$Id: accellionftampipe2.rb 11935 2011-03-11 17:37:23Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.4AI score
Exploits0
Rows per page
Query Builder