Lucene search
K

17 matches found

CVE
CVE
added 2026/06/08 3:10 p.m.88 views

CVE-2026-29170

CVE-2026-29170 describes a cross-site scripting (XSS) vulnerability in Apache HTTP Server 2.4.67 and earlier, affecting mod_proxy_ftp during HTML directory list generation when listing FTP directory contents via forward or reverse proxy configurations. The vulnerability arises in the HTML directo...

6.1CVSS5.2AI score0.00504EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47314

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.68 Description A cross-site scripting issue exists in the HTML directory list generation of mod proxy ftp when listing FTP directory contents through forward or reverse proxy configurations...

9.8CVSS5.2AI score0.90407EPSS
Exploits6References118
GithubExploit
GithubExploit
added 2026/02/12 4:23 p.m.210 views

OWASP-juice-shop-vapt

🛡 OWASP Juice Shop – VAPT Assessment Black-box web applicatio...

6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-5302

Malware in sbrugna...

8.7CVSS6.4AI score0.00962EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/08/21 8:11 p.m.4 views

CVE-2010-20108

FTPPad = 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate...

8.4CVSS6.5AI score0.00476EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.10 views

PT-2025-34304 · Unknown · Gekko Manager Ftp Client

Name of the Vulnerable Software and Affected Versions: Gekko Manager FTP Client versions prior to 0.78 Description: The software contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client does not validate the length...

8.5CVSS7.6AI score0.00476EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.2 views

SUSE CVE-2007-0247

squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service core dump via crafted FTP directory listing responses, possibly related to the 1 ftpListingFinish and 2 ftpHtmlifyListEntry functions...

5CVSS6.9AI score0.19093EPSS
Exploits0References4
OSV
OSV
added 2017/06/05 7:29 p.m.16 views

CVE-2017-9444

BigTree CMS through 4.2.18 has CSRF related to the core\admin\modules\users\profile\update.php script modify user information, the index.php/admin/developer/packages/delete/ URI remove packages, the index.php/admin/developer/upgrade/ignore/?versions= URI, and the...

8.8CVSS6.9AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2015/08/02 12:0 a.m.8 views

GNU wget FTP Remote File Creation (CVE-2014-4877)

An input validation error exists in wget. The vulnerability can occur when wget retrieves files or directories over FTP that are or that contain symlinks. A remote attacker can exploit this vulnerability by creating a crafted FTP directory listing on a server and enticing a user to open the FTP...

9.3CVSS2.4AI score0.39883EPSS
Exploits4
NVD
NVD
added 2014/10/06 1:55 a.m.29 views

CVE-2013-2645

Multiple cross-site request forgery CSRF vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043NDV1120405 allow remote attackers to hijack the authentication of administrators for requests that 1 enable FTP access aka "FTP directory traversal" to /tmp via the shareEntire parameter ...

9.3CVSS7.5AI score0.03013EPSS
Exploits1References1
Cvelist
Cvelist
added 2012/08/07 8:0 p.m.27 views

CVE-2012-3454

eXtplorer 2.1.0b6 uses world writable permissions for the /var/lib/extplorer/ftptmp directory, which allows local users to delete or overwrite arbitrary files...

6.5AI score0.003EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/11/12 12:0 a.m.41 views

Safari < 4.0.4 Multiple Vulnerabilities

The version of Safari installed on the remote Windows host is earlier than 4.0.4. Such versions are potentially affected by several issues : - An integer overflow in the handling of images with an embedded color profile could lead to a crash or arbitrary code execution. CVE-2009-2804 - Multiple...

9.3CVSS7.4AI score0.04471EPSS
Exploits5References9
Tenable Nessus
Tenable Nessus
added 2009/11/11 12:0 a.m.223 views

Safari < 4.0.4 Multiple Vulnerabilities

Binary data 5232.prm...

9.3CVSS7.3AI score0.04471EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2009/11/11 12:0 a.m.46 views

Safari < 4.0.4 Multiple Vulnerabilities

Binary data 801003.prm...

9.3CVSS7.3AI score0.04471EPSS
Exploits6References10
RedHat Linux
RedHat Linux
added 2009/10/27 10:43 p.m.4 views

Firefox integer underflow in FTP directory list parser

Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service application crash, or obtain sensitive information via a crafted directory listing in a reply...

9.3CVSS6AI score0.03478EPSS
Exploits2References4
OSV
OSV
added 2007/01/16 6:28 p.m.5 views

CVE-2007-0247

squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service core dump via crafted FTP directory listing responses, possibly related to the 1 ftpListingFinish and 2 ftpHtmlifyListEntry functions...

6.7AI score
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.20 views

Mandrake Linux Security Advisory : squid (MDKSA-2002:044)

Numerous security problems were fixed in squid-2.4.STABLE7. This releases has several bugfixes to the Gopher client to correct some security issues. Security fixes to how squid parses FTP directory listings into HTML have been implemented. A security fix to how squid forwards proxy authentication...

7.5CVSS5.6AI score0.05537EPSS
Exploits0References4
Rows per page
Query Builder