6 matches found
CVE-2025-10040
The CVE-2025-10040 entry concerns the WordPress plugin WP Import – Ultimate CSV XML Importer. Affected: plugin versions up to 7.27. Issue: missing capability check on the get_ftp_details AJAX action, enabling authenticated users with Subscriber-level access and above to disclose configured SFTP/F...
CVE-2025-7357
LITEON IC48A firmware versions prior to 01.00.19r and LITEON IC80A firmware versions prior to 01.01.12e store FTP-server-access-credentials in cleartext in their system logs...
CVE-2025-7357
LITEON IC48A firmware versions prior to 01.00.19r and LITEON IC80A firmware versions prior to 01.01.12e store FTP-server-access-credentials in cleartext in their system logs...
Mandriva Linux Security Advisory : vim (MDVSA-2008:236-1)
Several vulnerabilities were found in the vim editor : A number of input sanitization flaws were found in various vim system functions. If a user were to open a specially crafted file, it would be possible to execute arbitrary code as the user running vim CVE-2008-2712. Ulf Hrnhammar of Secunia...
DEBIAN-CVE-2004-1948
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list...
CVE-1999-1235
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow 1 local users to read the information from another user's index.dat, or 2 people who are physically observing "shoulder surfing" another user to read the information from the status bar...