8 matches found
CVE-2026-29170
CVE-2026-29170 describes a cross-site scripting (XSS) vulnerability in Apache HTTP Server 2.4.67 and earlier, affecting mod_proxy_ftp during HTML directory list generation when listing FTP directory contents via forward or reverse proxy configurations. The vulnerability arises in the HTML directo...
PT-2026-47314
Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.68 Description A cross-site scripting issue exists in the HTML directory list generation of mod proxy ftp when listing FTP directory contents through forward or reverse proxy configurations...
EUVD-2010-5302
Malware in sbrugna...
CVE-2010-20108
FTPPad = 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate...
PT-2025-34304 · Unknown · Gekko Manager Ftp Client
Name of the Vulnerable Software and Affected Versions: Gekko Manager FTP Client versions prior to 0.78 Description: The software contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client does not validate the length...
GNU wget FTP Remote File Creation (CVE-2014-4877)
An input validation error exists in wget. The vulnerability can occur when wget retrieves files or directories over FTP that are or that contain symlinks. A remote attacker can exploit this vulnerability by creating a crafted FTP directory listing on a server and enticing a user to open the FTP...
Firefox integer underflow in FTP directory list parser
Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service application crash, or obtain sensitive information via a crafted directory listing in a reply...
CVE-2007-0247
squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service core dump via crafted FTP directory listing responses, possibly related to the 1 ftpListingFinish and 2 ftpHtmlifyListEntry functions...