Lucene search
K
AccellionSecure File Transfer Appliance

7 matches found

CVE
CVE
added 2009/08/19 10:0 a.m.59 views

CVE-2008-7012

CVE-2008-7012 affects the Accellion File Transfer Appliance FTA_7_0_178 (and possibly earlier versions before FTA_7_0_189). The vulnerability is in the courier/1000@/api_error_email.html (the error reporting page) and allows remote attackers to send spam emails by modifying the description and cl...

7.8CVSS7AI score0.06674EPSS
Web
CVE
CVE
added 2010/02/19 5:0 p.m.59 views

CVE-2009-4648

CVE-2009-4648 affects Accellion Secure File Transfer Appliance before 8_0_105. Root cause: access to sensitive commands run with extra sudo privileges is not properly restricted in /usr/local/bin/admin.pl, enabling local administrators to escalate privileges. Vulnerability vectors include (1) arb...

7.2CVSS7AI score0.00821EPSS
Web
CVE
CVE
added 2010/02/19 5:0 p.m.58 views

CVE-2009-4646

CVE-2009-4646 affects the Accellion Secure File Transfer Appliance. The available connected records describe a static code injection vulnerability in the appliance’s administrative web interface that allows remote authenticated administrators to inject arbitrary shell commands by appending them t...

9CVSS7.2AI score0.01717EPSS
CVE
CVE
added 2008/08/27 11:0 p.m.48 views

CVE-2008-3850

CVE-2008-3850 is an XSS vulnerability in Accellion File Transfer FTA_7_0_135. The issue allows remote attackers to inject arbitrary web script or HTML via PATH_INFO to courier/forgot_password.html. Affected product: Accellion File Transfer FTA_7_0_135. Root cause: improper handling of PATH_INFO l...

4.3CVSS5.7AI score0.01462EPSS
Web
CVE
CVE
added 2010/02/19 5:0 p.m.48 views

CVE-2009-4647

Affected product: Accellion Secure File Transfer Appliance. Vulnerability: Cross-site scripting (XSS) via the username parameter when the administrator views audit logs. Impact: remote attacker can inject arbitrary web script/HTML into the admin context. Root cause: improper handling of the usern...

4.3CVSS5.8AI score0.01073EPSS
CVE
CVE
added 2010/02/19 5:0 p.m.44 views

CVE-2009-4644

The CVE-2009-4644 issue affects the Accellion Secure File Transfer Appliance, specifically versions prior to 8_0_105. It allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands by injecting shell metacharacters via the cli program (demonstrated wit...

9CVSS7.5AI score0.02412EPSS
CVE
CVE
added 2010/02/19 5:0 p.m.44 views

CVE-2009-4645

CVE-2009-4645 affects Accellion Secure File Transfer Appliance (SFTA) before version 8_0_105. The issue is a directory traversal in web_client_user_guide.html triggered by a .. (dot dot) in the lang parameter, allowing remote attackers to read arbitrary files. The connected documents confirm the ...

7.8CVSS6.8AI score0.02756EPSS