Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via ".." (dot-dot backslash) sequences in a LIST command.
6.8AI Score
0.085EPSS
Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command.
7.8AI Score
0.087EPSS