6 matches found
CVE-2023-43696
Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well as upload arbitrary files via anonymous access to the FTP server...
CVE-2022-32143
In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller only if no level 1 password is configured on the controller or if remote attacker has previously...
SQLMap v1.4 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
CVE-2019-7227
In the ABB IDAL FTP server, an authenticated attacker can traverse to arbitrary directories on the hard disk with "CWD ../" and then use the FTP server functionality to download and upload files. An unauthenticated attacker can take advantage of the hardcoded or default credential pair exor/exor ...
Default configuration
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi...
Transferable Remote 1.1 XSS / LFI / Command Injection
Title: ====== Transferable Remote v1.1 iPad iPhone - Multiple Web Vulnerabilities Date: ===== 2013-02-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=863 VL-ID: ===== 863 Common Vulnerability Scoring System: ==================================== 8.5 Introduction:...