4 matches found
CVE-2022-29051
Missing permission checks in Jenkins Publish Over FTP Plugin 1.16 and earlier allow attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials...
FlashFXP 1.4 - User Password Encryption
// source: https://www.securityfocus.com/bid/7499/info FlashFXP uses a trivially reversible algorithm to encrypt FTP user credentials. Local attackers with access to the sites.data may exploit this weakness to gain unauthorized access to FTP user credentials for remote sites. / Flashfxp sites.dat...
CuteFTP 4.2 - Default Weak Password Encoding
source: https://www.securityfocus.com/bid/3233/info CuteFTP is a popular commercial FTP client for Microsoft Windows systems. CuteFTP v4.2and possibly earlier versions uses a weak system for encoding passwords for accounts on FTP sites. Passwords are stored in a file called 'sm.dat', and can be...
Дырка в Cisco/Arrowpoint CSS (FTP access)
По протоколу FTP непривилегированный пользовать может получить доступ к защищенным данным...