7 matches found
EUVD-2025-18179
Malicious code in bioql PyPI...
CVE-2025-49197
The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...
CVE-2025-49197
CVE-2025-49197 describes use of a weak password hash function that could allow an attacker to crack the hash and gain access to an FTP user account. Multiple sources (NVD, Red Hat, risk assessments) reiterate the same weakness and associated risk; no explicit vulnerability-fixed version or patch ...
Default credentials
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed...
Cross site scripting
Cross-site scripting XSS vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE:...
CVE-2007-3769
Cross-site scripting XSS vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE:...
Gene6 FTP Server本地权限提升漏洞
Gene6 FTP Server是一款非常流行的Microsoft Windows平台的FTP Server。 默认安装后,本地的非特权用户可以修改Gene6 FTP Server的设置,例如添加新的SITE命令。由于Gene6 FTP Server是以SYSTEM权限运行的,因此攻击者可以轻易的提升权限。 Gene6 G6 FTP Server http://marc.theaimsgroup.com 1. 以非特权用户的身份登陆。 2. 打开Gene6 FTP Server控制台,添加FTP用户帐号,如“test” 3. 对FTP...