Lucene search
K

1563 matches found

CVE
CVE
added 2026/05/05 7:41 p.m.36 views

CVE-2026-44331

ProFTPD vulnerable: versions up to 1.3.9a before 7666224 are affected by a SQL injection in sqltab_fetch_clients_cb() (contrib/mod_wrap2_sql.c). An attacker can inject arbitrary SQL via a crafted domain name accessed during reverse DNS lookups when UseReverseDNS is enabled, because the attacker-s...

8.1CVSS6AI score0.00455EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/05 7:41 p.m.8 views

CVE-2026-44331

In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqltabfetchclientscb in contrib/modwrap2sql.c allows a remote attacker to inject arbitrary SQL commands via a crafted domain name that is accessed in a reverse DNS lookup. When "UseReverseDNS on" is enabled, the...

8.1CVSS6AI score0.00455EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/05/05 7:41 p.m.7 views

CVE-2026-44331

In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqltabfetchclientscb in contrib/modwrap2sql.c allows a remote attacker to inject arbitrary SQL commands via a crafted domain name that is accessed in a reverse DNS lookup. When "UseReverseDNS on" is enabled, the...

8.1CVSS6AI score0.00455EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

ProFTPD SQL注入漏洞

ProFTPD is an open-source FTP server software with high configurability developed by ProFTPD. Versions prior to ProFTPD 1.3.9a contained a SQL injection vulnerability. This vulnerability stems from the sqltabFetchClientsCB function in contrib/modwrap2sql.c. When the option “UseReverseDNS on” is...

8.1CVSS6AI score0.00455EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.8 views

PT-2026-37238

Name of the Vulnerable Software and Affected Versions ProFTPD versions prior to 1.3.9a 7666224 Description A SQL injection issue exists in the sqltab fetch clients cb function within contrib/mod wrap2 sql.c. When the "UseReverseDNS on" setting is enabled, a remote attacker can inject arbitrary SQ...

8.1CVSS6AI score0.00455EPSS
Exploits0References11
GithubExploit
GithubExploit
added 2026/05/04 12:37 a.m.96 views

Exploit for CVE-2026-42167

CVE-2026-42167: SQL Injection en ProFTPD modsql 📋 Resumen...

8.1CVSS5.9AI score0.05004EPSS
Exploits6
OSV
OSV
added 2026/05/03 9:56 a.m.8 views

OESA-2026-2159 proftpd security update

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

8.1CVSS6.3AI score0.05004EPSS
Exploits6References2
OSV
OSV
added 2026/05/03 9:56 a.m.12 views

OESA-2026-2158 proftpd security update

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

8.1CVSS6.3AI score0.05004EPSS
Exploits6References2
GithubExploit
GithubExploit
added 2026/05/02 1:8 p.m.91 views

Exploit for CVE-2026-42167

Description This repository contains a functional exploit for...

8.1CVSS5.9AI score0.05004EPSS
Exploits6
GithubExploit
GithubExploit
added 2026/05/02 9:9 a.m.93 views

Exploit for CVE-2026-42167

CVE-2026-42167 Master Exploit Tool A professional security re...

8.1CVSS6AI score0.05004EPSS
Exploits6
GithubExploit
GithubExploit
added 2026/05/01 1:36 p.m.120 views

Exploit for CVE-2026-42167

\ CVE-2026-42167 POC Pre-Authentication Remote Code Executio...

8.1CVSS6.1AI score0.05004EPSS
Exploits6
SUSE CVE
SUSE CVE
added 2026/04/30 2:24 a.m.6 views

SUSE CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.05004EPSS
Exploits6References3
GithubExploit
GithubExploit
added 2026/04/29 6:52 a.m.136 views

Exploit for CVE-2026-42167

CVE-2026-42167 — ProFTPD modsql SQL Injection / Auth Bypass...

8.1CVSS6.2AI score0.05004EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-42167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an...

8.1CVSS6.7AI score0.05004EPSS
Exploits6References3
NVD
NVD
added 2026/04/28 11:16 p.m.6 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS0.05004EPSS
Exploits6References7
GithubExploit
GithubExploit
added 2026/04/28 2:35 p.m.361 views

Exploit for CVE-2026-42167

ProFTPD Vulnerability POCs Proof-of-concept demonstrations fo...

7.5AI score0.05004EPSS
Exploits6
Slackware Linux
Slackware Linux
added 2026/04/28 6:6 a.m.7 views

[slackware-security] proftpd

New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/proftpd-1.3.9a-i586-1slack15.0.txz: Upgraded. Fix for an SQL injection that may lead to authentication bypass, privilege escalation,...

8.1CVSS6.2AI score0.05004EPSS
Exploits6
Cvelist
Cvelist
added 2026/04/28 12:0 a.m.50 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS0.05004EPSS
Exploits6References5
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.7 views

Slackware Linux 15.0 / current proftpd Vulnerability (SSA:2026-118-01)

The version of proftpd installed on the remote host is prior to 1.3.9a. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-118-01 advisory. New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

8.1CVSS5.4AI score0.05004EPSS
Exploits6References2
Vulnrichment
Vulnrichment
added 2026/04/28 12:0 a.m.4 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.05004EPSS
Exploits6References5
Rows per page
Query Builder