PT-2024-17521 · Rejetto · Http File Server

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is an open redirect vulnerability. This could allow an attacker to create a custom URL and redirect a legitimate page to a malicious site. The...

Rejetto Http File Server Injection Vulnerability

HTTP File Server is a simple tool that allows you to access your phone's files from your desktop, tablet or other device without any special software - just a web browser. An injection vulnerability exists in Rejetto Http File Server version 2.2a, which stems from the fact that under certain...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

Design/Logic Flaw

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

Cute Http File Server Security Vulnerability

Cute Http File Server is a free, HTTP protocol file sharing server for iscute individual developers. A security vulnerability exists in Cute Http File Server version v.3.1, which originates from a vulnerability that could allow a remote attacker to escalate privileges via a password authenticatio...

CVE-2024-26566

CVE-2024-26566 affects Cute Http File Server v3.1. The issue allows a remote attacker to escalate privileges via the password verification component, with a network attack vector, no user interaction, and high impact (Integrity). Affected software is Cute Http File Server v3.1 (no other versions ...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

PT-2024-21424 · Unknown · Cute Http File Server

Name of the Vulnerable Software and Affected Versions: Cute Http File Server version 3.1 Description: The issue allows a remote attacker to escalate privileges via the password verification component. Recommendations: For Cute Http File Server version 3.1, consider disabling the password...

CVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component...

SUSE CVE-2024-22232

A specially crafted url can be created which leads to a directory traversal in the salt file server. A malicious user can read an arbitrary file from a Salt master's filesystem...

PT-2024-1429 · Unknown · Solar Ftp Server

Name of the Vulnerable Software and Affected Versions: Solar FTP Server versions 2.1.1 through 2.1.2 Description: The issue is related to an uncontrolled resource consumption in the PASV mode of the Solar FTP Server, which can be exploited by a remote attacker to cause a denial of service. The...

CVE-2024-23331

CVE-2024-23331 (Vite) : The Vite dev server option server.fs.deny can be bypassed on case-insensitive file systems by using case-augmented filenames. The issue occurs because picomatch defaults to case-sensitive glob matching, while the file server does not, enabling a blacklist bypass and potent...

PT-2024-15794 · Unknown · Xlight Ftp Server

Name of the Vulnerable Software and Affected Versions: Xlightftpd Xlight FTP Server version 1.1 Description: A problematic vulnerability was found in the Login component, where the manipulation of the user argument leads to denial of service. The attack can be initiated remotely. Recommendations:...

Ability FTP Server Security Vulnerability

Ability FTP Server is an easy to use FTP service. A security vulnerability exists in Ability FTP Server version 2.34, which originates from a Denial of Service DOS vulnerability in the component APPE Command Handler...

CVE-2024-0352

A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to...

PT-2024-15488

Name of the Vulnerable Software and Affected Versions Likeshop versions up to 2.5.7.20210311 Description A critical vulnerability was found in the function FileServer::userFormImage of the file server/application/api/controller/File.php, which is part of the HTTP POST Request Handler component. T...

Path Traversal

iodine is vulnerable to Path Traversal . The vulnerability is due to improper validation or URL's allowrf to manipulate the static file server. This issue can be exploited by an attacker to read files outside the public folder via a malicious URL...

CVE-2024-22050 Iodine Static File Server Path Traversal Vulnerability

Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs...

CVE-2024-22050 Iodine Static File Server Path Traversal Vulnerability

Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs...