CVE-2020-7468

In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd8 bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the...

EUVD-1999-1279

Malware in sbrugna...

EUVD-2020-28594

Malware in sbrugna...

EUVD-2001-0753

Malware in sbrugna...

EUVD-2025-18179

Malicious code in bioql PyPI...

Easy Hosting Control Panel EHCP 安全漏洞

Easy Hosting Control Panel EHCP is a hosting control panel from Easy Hosting Control Panel, Inc. A security vulnerability exists in Easy Hosting Control Panel EHCP version v20.04.1.b, which stems from an unfiltered ftpusername parameter in the List All FTP User Function, which could lead to a...

CVE-2025-50927

A reflected cross-site scripting XSS vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter...

CVE-2025-49197

The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...

CVE-2025-49197 Deprecated TLS version supported

The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...

CVE-2025-49197

CVE-2025-49197 describes use of a weak password hash function that could allow an attacker to crack the hash and gain access to an FTP user account. Multiple sources (NVD, Red Hat, risk assessments) reiterate the same weakness and associated risk; no explicit vulnerability-fixed version or patch ...

CVE-2024-12344

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3vT TTV6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2021-25276

In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files that include users' password hashes that is world readable and writable. An unprivileged Windows user having access to the server's filesystem can add an FTP user by copying a valid profile file to thi...

CVE-2024-12344

CVE-2024-12344 affects TP-Link VN020 F3v(T) with firmware TT_V6.2.1021, where the FTP USER Command Handler is vulnerable to memory corruption. The root cause is improper input validation of the USER command, allowing crafted payloads to overflow buffers and crash or corrupt memory, potentially en...

CVE-2024-12344 TP-Link VN020 F3v(T) FTP USER Command memory corruption

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3vT TTV6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2024-12344 TP-Link VN020 F3v(T) FTP USER Command memory corruption

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3vT TTV6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

MELAG FTP Server User Enumeration Vulnerability

MELAG FTP Server is an FTP server from the German company MELAG. version 2.2.0.4 of MELAG FTP Server is vulnerable to a user enumeration vulnerability, which stems from the fact that the program presents different responses to users and non-users, and can be exploited by attackers to identify...

MELAG FTP Server Information Disclosure Vulnerability

MELAG FTP Server is an FTP server from MELAG Germany.An information disclosure vulnerability exists in MELAG FTP Server version 2.2.0.4, which stems from storing the unencrypted password of an FTP user in a local configuration file. An attacker could exploit this vulnerability to obtain sensitive...

Information disclosure

In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd8 bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the...

CVE-2020-7468

In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12.1-RELEASE before p10, 11.4-RELEASE before p4 and 11.3-RELEASE before p14 a ftpd8 bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the...

Design/Logic Flaw

In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files that include users' password hashes that is world readable and writable. An unprivileged Windows user having access to the server's filesystem can add an FTP user by copying a valid profile file to thi...