155 matches found
EUVD-2017-17736
Malware in sbrugna...
EUVD-2017-17706
Malware in sbrugna...
CVE-2021-27730
Accellion FTA 912432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA912444 and later...
CVE-2021-27101
Accellion FTA 912370 and earlier is affected by SQL injection via a crafted Host header in a request to documentroot.html. The fixed version is FTA912380 and later...
CVE-2020-14294
An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that is executed when reading transfer comments or the global notice board...
Published apps are not displaying content of local file when opened via FTA launcher of CWAforLinux
When opening local files using File Type Association FTA launcher of CWA Linux, the corresponding application launches fine, but with blank document instead of showing the content of the local file...
fta-antincendio.it Cross Site Scripting vulnerability OBB-3424494
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability
Accellion FTA contains a server-side request forgery SSRF vulnerability exploited via a crafted POST request to wmProgressstat.html...
Accellion FTA OS Command Injection Vulnerability
Accellion FTA contains an OS command injection vulnerability exploited via a local web service call...
Accellion FTA SQL Injection Vulnerability
Accellion FTA contains a SQL injection vulnerability exploited via a crafted host header in a request to documentroot.html...
Accellion FTA OS Command Injection Vulnerability
Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints...
VulnCheck KEV: CVE-2021-27103
Accellion FTA contains a server-side request forgery SSRF vulnerability exploited via a crafted POST request to wmProgressstat.html...
VulnCheck KEV: CVE-2021-27104
Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints...
The vulnerability of the Accellion FTA security system, which stems from the lack of measures to protect the SQL query structure, allows attackers to execute arbitrary SQL code and gain unauthorized access to protected information.
The vulnerability of the Accellion FTA security system lies in the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary SQL code and gain unauthorized access to protected information using a specially...
Qualys Update on Accellion FTA Security Incident
Update April 2, 2021 to the March 3 original blog post: As part of our commitment to keeping customers and the community informed about how we are addressing and resolving the Accellion FTA cyber incident, we are providing the following update to confirm containment of the incident and share...
Energy Giant Shell Is Latest Victim of Accellion Attacks
Energy giant Royal Dutch Shell is the latest victim of a series of attacks on users of the Accellion legacy File Transfer Appliance FTA product, which already has affected numerous companies and been attributed to the FIN11 and the Clop ransomware gang. “Shell has been impacted by a data-security...
Accellion FTA SQL injection (CVE-2021-27101)
An SQL injection vulnerability exists in Accellion FTA. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
CVE-2021-27730
Accellion FTA 912432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA912444 and later...
Design/Logic Flaw
Accellion FTA 912432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA912444 and later...
CVE-2021-27731
Accellion FTA 912432 and earlier is affected by stored XSS via a crafted POST request to a user endpoint. The fixed version is FTA912444 and later...