53 matches found
CVE-2021-47794
ZesleCP 3.1.9 contains an authenticated remote code execution vulnerability that allows attackers to create malicious FTP accounts with shell injection payloads. Attackers can exploit the FTP account creation endpoint by injecting a reverse shell command that establishes a network connection to a...
CVE-2016-10813
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains SEC-118...
EUVD-2016-3446
Malware in sbrugna...
EUVD-2006-0108
Malware in sbrugna...
EUVD-2016-1807
Malware in sbrugna...
EUVD-2018-18118
Malware in sbrugna...
CVE-2025-49197
The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...
CVE-2025-49197 Deprecated TLS version supported
The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...
PT-2025-25323 · Sick Ag · Sick Media Server
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account. Recommendations: At the moment, there is no...
CVE-2020-8001
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account...
Microsoft IIS FTP Server LIST Stack Exhaustion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS FTP Server LIST Stack Exhaustion', 'Description' = %q This module triggers Denial of Service condition in the Microsoft Internet...
OESA-2023-1193 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However,...
ZesleCP 3.1.9 - Remote Code Execution (Authenticated) Exploit
Title: ZesleCP 3.1.9 - Remote Code Execution RCE Authenticated Author: Numan Türle Vendor Homepage: https://zeslecp.com/ Software Link: https://zeslecp.com/ Version: =3.1.9 https://www.youtube.com/watch?v=5lTDTEBVq-0 !/usr/bin/python3 -- coding: utf-8 -- ZesleCP - Remote Code Execution...
ZesleCP 3.1.9 Remote Code Execution
Title: ZesleCP 3.1.9 - Remote Code Execution RCE Authenticated Date: 27.08.2021 Author: Numan Türle Vendor Homepage: https://zeslecp.com/ Software Link: https://zeslecp.com/ Version: =3.1.9 https://www.youtube.com/watch?v=5lTDTEBVq-0 !/usr/bin/python3 -- coding: utf-8 -- ZesleCP - Remote Code...
CVE-2020-8001
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account...
CVE-2020-8001
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account...
CVE-2016-10813
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains SEC-118...
Design/Logic Flaw
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains SEC-118...
CVE-2016-10813
CVE-2016-10813 affects cPanel prior to 57.9999.54, where an input handling flaw during FTP account creation under addon domains allows self-XSS. Root cause: insufficient input validation in the addon domains FTP creation flow. Impact: client-side script execution under the victim’s browser; no se...
CVE-2016-10813
cPanel before 57.9999.54 allows self XSS during ftp account creation under addon domains SEC-118...