CVE-2020-7851

Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the internal method. A remote attacker could induce a user to access a crafted web page, causing...

Input validation

Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the internal method. A remote attacker could induce a user to access a crafted web page, causing...

CVE-2020-7851

The CVE CVE-2020-7851 affects Innorix Web-Based File Transfer Solution (

CVE-2020-7851 Innorix File Transfer Solution File Download and Execution Vulnerability

Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the internal method. A remote attacker could induce a user to access a crafted web page, causing...

Innorix Web-Based File Transfer 参数注入漏洞

INNORIX Innorix Web-Based File Transfer is an application system from INNORIX Korea. It is used for file transfer. Web-Based File Transfer Solution 9.2.18.385 suffers from a parameter injection vulnerability that can be exploited by a remote attacker to potentially trick a user into visiting a...

UBUNTU-CVE-2021-24002

When a user clicked on an FTP URL containing encoded newline characters %0A and %0D, the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

SUSE: Security Advisory (SUSE-SU-2019:0060-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VulnCheck KEV: CVE-2021-27101

Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to documentroot.html...

Cisco SD-WAN vManage Software Multiple Vulnerabilities (cisco-sa-vmanage-YuTVWqy)

The version of Cisco SD-WAN vManage Software installed on the remote host is affected by multiple vulnerabilities as referenced in the cisco-sa-vmanage-YuTVWqy advisory, as follows: - A vulnerability in the remote management component allows an unauthenticated, remote attacker to cause a buffer...

Cisco SD-WAN vManage Software 输入验证错误漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. An elevation of privilege vulnerability exists in the file transfer feature of Cisco SD-WAN vManage Software. The vulnerability stems from t...

The vulnerability of the Accellion FTA security system, which stems from insufficiently validated incoming requests, allows a perpetrator to carry out a SSRF attack and gain unauthorized access to protected information.

The vulnerability of the Accellion FTA security system is related to insufficient verification of incoming requests. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack and gain unauthorized access to protected information through specially created POST requests...

The vulnerability of the Accellion FTA security management system, which stems from the failure to remove special elements used in the operating system’s command set, allows attackers to execute arbitrary commands and gain unauthorized access to protected information.

The vulnerability of the Accellion FTA File Transfer Application security system lies in the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows attackers to execute arbitrary commands and gain unauthorized access to...

The vulnerability of the update function in FlexConnect microprogramming software for Cisco Aironet Access Points allows a intruder to disclose protected information.

The vulnerability of the update function in FlexConnect microprogramming software for Cisco Aironet Access Points is related to improper handling of permissions. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information by sending TFTP requests to the vulnerable...

The vulnerability of the Accellion FTA security management system, which stems from the failure to remove special elements used in the operating system’s command set, allows attackers to execute arbitrary commands and gain unauthorized access to protected information.

The vulnerability of the Accellion FTA File Transfer Application security system lies in the lack of measures to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely and gain unauthorized...

Core FTP Server 缓冲区错误漏洞

Core FTP is a file transfer server. Core FTP Server v1.2 Build 583 suffers from a buffer error vulnerability that can be exploited by an attacker via a crafted username...

PT-2021-6846

Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description The issue is related to the FTP client library in Python, specifically in PASV passive mode, where the library trusts the host from the PASV response by default. This allows an attacker to set...

Rockstar Service - Insecure File Permissions

Exploit Title: Rockstar Service - Insecure File Permissions Date: 2020-04-02 Exploit Author: George Tsimpidas Software Link : https://socialclub.rockstargames.com/rockstar-games-launcher Version Patch: 1.0.37.349 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Vulnerability...

Core FTP 安全漏洞

Core FTP is a file transfer server. Core FTP LE v2.2 allows local attackers to cause a denial or service A security vulnerability exists that allows local attackers to cause a denial of service via a long string in Settings-Users-Username editbox...

Haxx libcurl 信息泄露漏洞

HAXX Haxx libcurl is a free, open source client-side URL transport library from the Swedish company HAXX. The library supports FTP, FTPS, TFTP, HTTP and more. An information disclosure vulnerability exists in Haxx libcurl, which can be exploited by an attacker to bypass access restrictions on dat...

CVE-2020-19643

Cross Site Scripting XSS vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B via all fields in the FTP settings page to the "goform/formSetFtpCfg" settings page...