Lucene search
+L

1575 matches found

GithubExploit
GithubExploit
added 2026/05/01 1:36 p.m.233 views

Exploit for CVE-2026-42167

\ CVE-2026-42167 POC Pre-Authentication Remote Code Executio...

8.1CVSS6.1AI score0.04438EPSS
Exploits7
SUSE CVE
SUSE CVE
added 2026/04/30 2:24 a.m.8 views

SUSE CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.04438EPSS
Exploits7References3
GithubExploit
GithubExploit
added 2026/04/29 6:52 a.m.174 views

Exploit for CVE-2026-42167

CVE-2026-42167 — ProFTPD modsql SQL Injection / Auth Bypass...

8.1CVSS6.2AI score0.04438EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-42167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an...

8.1CVSS7.4AI score0.04438EPSS
Exploits7References3
BDU FSTEC
BDU FSTEC
added 2026/04/29 12:0 a.m.8 views

The vulnerability of the mod_sql module in the ProFTPD FTP server allows a hacker to execute arbitrary commands.

The vulnerability of the modsql module in the ProFTPD FTP server lies in the lack of security measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

8.1CVSS6.3AI score0.04438EPSS
Exploits7References5Affected Software1
NVD
NVD
added 2026/04/28 11:16 p.m.8 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS0.04438EPSS
Exploits7References7
GithubExploit
GithubExploit
added 2026/04/28 2:35 p.m.391 views

Exploit for CVE-2026-42167

ProFTPD Vulnerability POCs Proof-of-concept demonstrations fo...

7.5AI score0.04438EPSS
Exploits7
Slackware Linux
Slackware Linux
added 2026/04/28 6:6 a.m.9 views

[slackware-security] proftpd

New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/proftpd-1.3.9a-i586-1slack15.0.txz: Upgraded. Fix for an SQL injection that may lead to authentication bypass, privilege escalation,...

8.1CVSS6.2AI score0.04438EPSS
Exploits7
Vulnrichment
Vulnrichment
added 2026/04/28 12:0 a.m.5 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.04438EPSS
Exploits7References5
ATTACKERKB
ATTACKERKB
added 2026/04/28 12:0 a.m.4 views

CVE-2026-42167

modsql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.04438EPSS
Exploits7References5Affected Software1
Cvelist
Cvelist
added 2026/04/28 12:0 a.m.66 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS0.04438EPSS
Exploits7References5
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.12 views

PT-2026-36217

Уязвимость модуля mod sql FTP-сервера ProFTPD связана с непринятием мер по защите структуры запроса SQL. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольные команды...

8.1CVSS5.8AI score0.04438EPSS
Exploits7References4
EUVD
EUVD
added 2026/04/28 12:0 a.m.8 views

EUVD-2026-26157

modsql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.04438EPSS
Exploits7References4
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.14 views

ProFTPD SQL注入漏洞

ProFTPD is an open-source FTP server software with high configurability developed by ProFTPD. Versions of ProFTPD prior to 1.3.10rc1 contained a SQL injection vulnerability. This vulnerability originated from the modsql module. In scenarios where USER requests with extensions like %U are recorded...

8.1CVSS6.5AI score0.04438EPSS
Exploits7References1
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.9 views

Slackware Linux 15.0 / current proftpd Vulnerability (SSA:2026-118-01)

The version of proftpd installed on the remote host is prior to 1.3.9a. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-118-01 advisory. New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

8.1CVSS5.4AI score0.04438EPSS
Exploits7References2
OSV
OSV
added 2026/04/28 12:0 a.m.3 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS7.8AI score0.04438EPSS
Exploits7References9
AlpineLinux
AlpineLinux
added 2026/04/28 12:0 a.m.8 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.3AI score0.04438EPSS
Exploits7
CVE
CVE
added 2026/04/28 12:0 a.m.217 views

CVE-2026-42167

CVE-2026-42167 : A logic flaw in ProFTPD (mod_sql) allows unauthenticated SQL injection via logging of USER (e.g., %U). The root cause is a faulty is_escaped_text() heuristic in contrib/mod_sql.c that may treat attacker-controlled input as already escaped, leading to raw injection into SQL and po...

8.1CVSS6.3AI score0.04438EPSS
In wildExploits7References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.9 views

PT-2026-35642

Name of the Vulnerable Software and Affected Versions ProFTPD versions prior to 1.3.10rc1 Description A flaw in the mod sql module occurs due to insufficient protection of the SQL query structure. Remote attackers can execute arbitrary code by providing a specially crafted username in scenarios...

8.1CVSS8.7AI score0.04438EPSS
Exploits7References50
OpenVAS
OpenVAS
added 2026/03/17 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2026-1587)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.02204EPSS
Exploits0References2
Rows per page
Query Builder