1555 matches found
Exploit for CVE-2026-42167
CVE-2026-42167 Master Exploit Tool A professional security re...
Exploit for CVE-2026-42167
\ CVE-2026-42167 POC Pre-Authentication Remote Code Executio...
SUSE CVE-2026-42167
modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...
Exploit for CVE-2026-42167
CVE-2026-42167 — ProFTPD modsql SQL Injection / Auth Bypass...
Linux Distros Unpatched Vulnerability : CVE-2026-42167
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an...
CVE-2026-42167
modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...
Exploit for CVE-2026-42167
ProFTPD Vulnerability POCs Proof-of-concept demonstrations fo...
[slackware-security] proftpd
New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/proftpd-1.3.9a-i586-1slack15.0.txz: Upgraded. Fix for an SQL injection that may lead to authentication bypass, privilege escalation,...
ProFTPD SQL注入漏洞
ProFTPD is an open-source FTP server software with high configurability developed by ProFTPD. Versions of ProFTPD prior to 1.3.10rc1 contained a SQL injection vulnerability. This vulnerability originated from the modsql module. In scenarios where USER requests with extensions like %U are recorded...
PT-2026-36217
Уязвимость модуля mod sql FTP-сервера ProFTPD связана с непринятием мер по защите структуры запроса SQL. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольные команды...
EUVD-2026-26157
modsql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...
Slackware Linux 15.0 / current proftpd Vulnerability (SSA:2026-118-01)
The version of proftpd installed on the remote host is prior to 1.3.9a. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-118-01 advisory. New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...
CVE-2026-42167
The vulnerability CVE-2026-42167 affects ProFTPD with the mod_sql backend, where logging of USER requests (using expansions like %U) can bypass escaping in SQLLog/SQLNamedQuery and enable stacked SQL queries. In ProFTPD builds using the vulnerable mod_sql, an attacker can cause arbitrary code exe...
CVE-2026-42167
modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...
CVE-2026-42167
modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...
CVE-2026-42167
modsql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...
CVE-2026-42167
modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...
PT-2026-35642
Name of the Vulnerable Software and Affected Versions ProFTPD versions prior to 1.3.10rc1 Description A flaw in the mod sql module allows unauthenticated remote attackers to bypass authentication and execute arbitrary code. The issue stems from a lack of protection for SQL query structures,...
Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2026-1587)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2026-1615)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...