Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2007/09/17 5:0 p.m.54 views

CVE-2007-4909

WinSCP (before 4.0.4) is affected by an interpretation conflict in its URL handler that lets remote attackers perform arbitrary file transfers via certain scp/sftp/ftp URLs, by abusing a login-as-username on the URL which is parsed differently by the protocol handler. The issue is described as a ...

9.3CVSS7.1AI score0.03522EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessusadded 2007/09/14 12:0 a.m.24 views

WinSCP URL Protocol Handler Arbitrary File Transfer

According to its version, the installation of WinSCP on the remote host fails to completely sanitize input to the SCP and SFTP protocol handlers. If an attacker can trick a user on the affected host into clicking on a malicious link, a file transfer can be initiated to or from the affected host. ...

9.3CVSS5.8AI score0.03522EPSS
Exploits0References3
Kaspersky
Kasperskyadded 2007/09/07 12:0 a.m.19 views

KLA11447 ACE vulnerability in WinSCP

Interpretation conflict vulnerability was found in WinSCP. Malicious users can exploit this vulnerability remotely to execute arbitrary code. Original advisories - Related products WinSCP CVE list CVE-2007-4909 critical Solution Update to the latest version Download WinSCP Impacts ACE Arbitrary...

9.3CVSS7.8AI score0.03522EPSS
Exploits0References2
Rows per page
Query Builder