3489 matches found

OSV
added 2018/01/25 11:29 p.m. · 2 views

CVE-2016-10710

Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...

8.1 CVSS · 5.8 AI score · 0.01134 EPSS
Exploits: 1 · References: 1

Prion
added 2018/01/25 11:29 p.m. · 13 views

Design/Logic Flaw

Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...

6.5 CVSS · 6.8 AI score · 0.01134 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

NVD
added 2018/01/25 11:29 p.m. · 20 views

CVE-2016-10710

Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...

8.1 CVSS · 7.8 AI score · 0.01134 EPSS
Exploits: 1 · References: 1

Cvelist
added 2018/01/25 11:0 p.m. · 16 views

CVE-2016-10710

Biscom Secure File Transfer SFT 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix...

7.8 AI score · 0.01134 EPSS
Exploits: 1 · References: 1

CVE
added 2018/01/25 11:0 p.m. · 38 views

CVE-2016-10710

Biscom Secure File Transfer (SFT) versions 5.0.1000–5.0.1048 fail to validate the dataFieldId and use sequential numbers, enabling remote authenticated users to overwrite or read files via crafted requests. The issue is fixed in version 5.0.1050. Affected platforms are Biscom SFT; exact root caus...

8.1 CVSS · 7.6 AI score · 0.01134 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

OSV
added 2018/01/24 3:29 p.m. · 3 views

CVE-2018-5777

An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 17.1.1. Remote clients can take advantage of a misconfiguration in the TFTP server that could allow attackers to execute arbitrary commands on the TFTP server via unspecified vectors...

9.8 CVSS · 6 AI score · 0.01729 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2018/01/24 12:0 a.m. · 4 views

PT-2018-17140 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold versions prior to 2017 Plus SP1 17.1.1
Description: An issue was discovered that allows remote clients to take advantage of a misconfiguration in the TFTP server, potentially enabling attackers to execute arbitrary...

9.8 CVSS · 8.2 AI score · 0.01729 EPSS
Exploits: 0 · References: 4

BDU FSTEC
added 2018/01/24 12:0 a.m. · 3 views

A vulnerability in the syntax analyzer (parser) of curl, a software tool for interacting with servers, allows an attacker to read beyond the bounds of a buffer in memory.

The vulnerability of the software tool’s syntax analyzer for interacting with servers using curl is related to an error during registration on the server using the FTP protocol. Exploiting this vulnerability allows a malicious actor to gain access to data beyond the boundaries of the allocated...

7.5 CVSS · 7.7 AI score · 0.08465 EPSS
Exploits: 0 · References: 8 · Affected Software: 1

BDU FSTEC
added 2018/01/24 12:0 a.m. · 3 views

A vulnerability in the sendto function of curl, a software tool for interacting with servers, allows an attacker to trigger a service failure or redirect traffic.

The vulnerability of the sendto function in the curl programming interface relates to reading beyond the buffer limit when using the TFTP protocol. Exploiting this vulnerability allows a malicious actor to cause service failures or redirect traffic through a specially crafted URL address...

6.5 CVSS · 7.4 AI score · 0.03958 EPSS
Exploits: 0 · References: 7 · Affected Software: 1

OSV
added 2018/01/22 4:29 a.m. · 3 views

CVE-2017-18047

Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP servers to execute arbitrary code via a long reply...

9.8 CVSS · 6.1 AI score · 0.20079 EPSS
Exploits: 2 · References: 3

0day.today
added 2018/01/21 12:0 a.m. · 50 views

DarkComet (C2 Server) - File Upload Exploit

Exploit for multiple platform in category web applications
#!/usr/bin/env python3
# EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd
from time import sleep
from socket import socket, AF_INET, SOCK_STREAM, error
from r...

7.1 AI score
Exploits: 0

Gentoo Linux
added 2018/01/17 12:0 a.m. · 208 views

rsync: Multiple vulnerabilities

Background: File transfer program to keep remote files into sync.
Description: Multiple vulnerabilities have been discovered in rsync. Please review the CVE identifiers referenced below for details.
Impact: A remote attacker could bypass intended access restrictions or cause a Denial of Service...

9.8 CVSS · 8.1 AI score · 0.05163 EPSS
Exploits: 0

OSV
added 2018/01/14 8:29 p.m. · 1 views

CVE-2018-5700

Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copyfolderfile call in inc/class.ftpfolder.php to move a .php file from the FTP folder into a web folder...

8.8 CVSS · 6.3 AI score · 0.03393 EPSS
Exploits: 1 · References: 1

CNVD
added 2018/01/10 12:0 a.m. · 1 views

TRENDnet TEW-823DRU Device Elevation of Privilege Vulnerability

The TRENDnet TEW-823DRU is a dual-band wireless router from TRENDnet. A security vulnerability exists in TRENDnet TEW-823DRU devices using firmware versions prior to 1.00b36, where a hard-coded password is used for the root account. A remote attacker can exploit the vulnerability t...

10 CVSS · 7.2 AI score · 0.01983 EPSS
Exploits: 0 · References: 1

OSV
added 2018/01/09 5:29 a.m. · 2 views

CVE-2018-5310

In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI...

6.5 CVSS · 5.8 AI score
Exploits: 0 · References: 3

CNVD
added 2018/01/09 12:0 a.m. · 2 views

Unspecified Vulnerability in IBM MQ Managed File Transfer Agent

IBM MQ Managed File Transfer Agent is a suite of file transfer software from IBM in the United States. The software transfers files between systems in an auditable manner. A security vulnerability exists in IBM MQ Managed File Transfer Agent that arises from the program setting insecure permissio...

3.6 CVSS · 6.4 AI score · 0.00251 EPSS
Exploits: 0 · References: 1

NVD
added 2018/01/04 5:29 p.m. · 18 views

CVE-2017-1699

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files with an unknown impact. IBM X-Force ID: 134391...

3.6 CVSS · 3.6 AI score · 0.00251 EPSS
Exploits: 0 · References: 2

OSV
added 2018/01/04 5:29 p.m. · 2 views

CVE-2017-1699

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files with an unknown impact. IBM X-Force ID: 134391...

3.3 CVSS · 5.8 AI score
Exploits: 0 · References: 2

Prion
added 2018/01/04 5:29 p.m. · 15 views

Code injection

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files with an unknown impact. IBM X-Force ID: 134391...

3.6 CVSS · 3.7 AI score · 0.00251 EPSS
Exploits: 0 · References: 2 · Affected Software: 1

Cvelist
added 2018/01/04 5:0 p.m. · 18 views

CVE-2017-1699

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files with an unknown impact. IBM X-Force ID: 134391...

3.6 AI score · 0.00251 EPSS
Exploits: 0 · References: 2