EUVD-2017-17731

Malware in sbrugna...

EUVD-2017-17739

Malware in sbrugna...

Unspecified Vulnerability in Accellion FTA Devices (CNVD-2017-07456)

Accellion FTA devices is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. Accellion FTA设备FTA912180之前的版本中的courier/web/1000@/wmProgressval.html页面存在未明漏洞 The vulnerability stems from a regular expression missin...

Unspecified vulnerability in Accellion FTA devices (CNVD-2017-07457)

Accellion FTA devices is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. An unspecified vulnerability exists in Accellion FTA devices versions prior to FTA912180. A remote attacker can exploit this...

Design/Logic Flaw

An issue was discovered on Accellion FTA devices before FTA912180. By sending a POST request to home/seos/courier/web/wmProgressstat.html.php with an attacker domain in the acallow parameter, the device will respond with an Access-Control-Allow-Origin header allowing the attacker to have site...

Security feature bypass

An issue was discovered on Accellion FTA devices before FTA912180. The home/seos/courier/ldaptest.html POST parameter "filter" can be used for LDAP Injection...

CVE-2017-8796

An issue was discovered on Accellion FTA devices before FTA912180. Because mysqlrealescapestring is misused, seos/courier/communicationp2p.php allows SQL injection with the appid parameter...

CVE-2017-8789

An issue was discovered on Accellion FTA devices before FTA912180. A reporterror.php?year='payload SQL injection vector exists...