2 matches found
CVE-2020-11708
An issue was discovered in ProVide formerly zFTPServer through 13.1. Privilege escalation can occur via the /ajax/SetUserInfo messages parameter because of the EXECUTE feature, which is for executing programs when certain events are triggered...
CVE-2020-11708
ProVide (formerly zFTPServer) up to version 13.1 has a privilege escalation flaw exposed via the /ajax/SetUserInfo parameter that leverages the EXECUTE() feature to run programs when certain events trigger. The issue is documented as CVE-2020-11708. The connected records confirm affected software...