35 matches found
CVE-2016-10710
Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...
EUVD-2020-29644
Malware in sbrugna...
EUVD-2020-20153
Malware in sbrugna...
CVE-2020-8503
Biscom Secure File Transfer SFT 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference IDOR by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004...
CVE-2020-8796
Biscom Secure File Transfer SFT before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server...
CVE-2020-27646
Biscom Secure File Transfer SFT before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...
CVE-2020-27646
Biscom Secure File Transfer SFT before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...
Design/Logic Flaw
Biscom Secure File Transfer SFT before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...
CVE-2020-27646
Biscom Secure File Transfer SFT before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft...
CVE-2020-27646
Biscom Secure File Transfer (SFT) platforms are affected in versions prior to 5.1.1082 and 6.x prior to 6.0.1011, where a vulnerability enables user credential theft. The CVSS data indicates network exposure with a high confidentiality impact (C:H) but no integrity or availability impact, and use...
CVE-2020-8796
Biscom Secure File Transfer SFT before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server...
Remote code execution
Biscom Secure File Transfer SFT before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server...
CVE-2020-8796
Biscom Secure File Transfer SFT before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server...
Design/Logic Flaw
Biscom Secure File Transfer SFT 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference IDOR by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004...
CVE-2020-8503
The CVE-2020-8503 issue affects Biscom Secure File Transfer (SFT) versions 5.0.1050–5.1.1067 and 6.0.1000–6.0.1003. A vulnerability in the file-upload feature allows Insecure Direct Object Reference (IDOR) by an authenticated sender due to an error in how uploads are handled. The impact is descri...
CVE-2020-8503
Biscom Secure File Transfer SFT 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference IDOR by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004...
CVE-2016-10710
Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...
Design/Logic Flaw
Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...
CVE-2016-10710
Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...
CVE-2016-10710
Biscom Secure File Transfer (SFT) versions 5.0.1000–5.0.1048 fail to validate the dataFieldId and use sequential numbers, enabling remote authenticated users to overwrite or read files via crafted requests. The issue is fixed in version 5.0.1050. Affected platforms are Biscom SFT; exact root caus...