Lucene search
K

69 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Fedora 42 : proftpd (2026-739d341ab8)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-739d341ab8 advisory. Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via modsql CVE-2026-42167. Note that modsql is not enabled by...

8.1CVSS6AI score0.04438EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.13 views

Fedora 44 : proftpd (2026-549ee32ea1)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-549ee32ea1 advisory. Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via modsql CVE-2026-42167. Note that modsql is not enabled by...

8.1CVSS6AI score0.04438EPSS
Exploits7References2
GithubExploit
GithubExploit
added 2026/05/04 12:37 a.m.111 views

Exploit for CVE-2026-42167

CVE-2026-42167: SQL Injection en ProFTPD modsql 📋 Resumen...

8.1CVSS5.9AI score0.04438EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/05/02 9:9 a.m.117 views

Exploit for CVE-2026-42167

CVE-2026-42167 Master Exploit Tool A professional security re...

8.1CVSS6AI score0.04438EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/04/29 6:52 a.m.149 views

Exploit for CVE-2026-42167

CVE-2026-42167 — ProFTPD modsql SQL Injection / Auth Bypass...

8.1CVSS6.2AI score0.04438EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-42167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an...

8.1CVSS6.7AI score0.04438EPSS
Exploits7References3
BDU FSTEC
BDU FSTEC
added 2026/04/29 12:0 a.m.3 views

The vulnerability of the mod_sql module in the ProFTPD FTP server allows a hacker to execute arbitrary commands.

The vulnerability of the modsql module in the ProFTPD FTP server lies in the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

8.1CVSS6.3AI score0.04438EPSS
Exploits7References5Affected Software1
NVD
NVD
added 2026/04/28 11:16 p.m.6 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS0.04438EPSS
Exploits7References7
OSV
OSV
added 2026/04/28 11:16 p.m.5 views

UBUNTU-CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.5AI score0.04438EPSS
Exploits7References3
GithubExploit
GithubExploit
added 2026/04/28 2:35 p.m.376 views

Exploit for CVE-2026-42167

ProFTPD Vulnerability POCs Proof-of-concept demonstrations fo...

7.5AI score0.04438EPSS
Exploits7
Vulnrichment
Vulnrichment
added 2026/04/28 12:0 a.m.5 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.04438EPSS
Exploits7References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 12:0 a.m.4 views

CVE-2026-42167

modsql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.04438EPSS
Exploits7References5Affected Software1
CVE
CVE
added 2026/04/28 12:0 a.m.212 views

CVE-2026-42167

CVE-2026-42167 : A logic flaw in ProFTPD (mod_sql) allows unauthenticated SQL injection via logging of USER (e.g., %U). The root cause is a faulty is_escaped_text() heuristic in contrib/mod_sql.c that may treat attacker-controlled input as already escaped, leading to raw injection into SQL and po...

8.1CVSS6.3AI score0.04438EPSS
In wildExploits7References7Affected Software1
Cvelist
Cvelist
added 2026/04/28 12:0 a.m.64 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS0.04438EPSS
Exploits7References5
Debian CVE
Debian CVE
added 2026/04/28 12:0 a.m.4 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.04438EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.8 views

EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2026-1615)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

7.5CVSS5.9AI score0.02204EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2026-1587)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

7.5CVSS5.9AI score0.02204EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.8 views

EulerOS 2.0 SP10 : proftpd (EulerOS-SA-2026-1035)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

7.5CVSS7.3AI score0.02204EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.6 views

EulerOS 2.0 SP10 : proftpd (EulerOS-SA-2026-1056)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

7.5CVSS7.3AI score0.02204EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-43211

Malicious code in bioql PyPI...

7.5CVSS8.9AI score0.02204EPSS
Exploits0References2
Rows per page
Query Builder