Secure File Transfer@* Security Vulnerabilities and Issues — Secure File Transfer@* CVE List

Lucene search

BiscomSecure File Transfer*

5 matches found

CVE•added 2020/01/31 8:15 p.m.•115 views

CVE-2020-8503

Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004.

6.5CVSS6.2AI score0.00267EPSS

CVE•added 2020/02/07 8:15 p.m.•109 views

CVE-2020-8796

Biscom Secure File Transfer (SFT) before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server.

9.8CVSS9.6AI score0.03293EPSS

CVE•added 2017/06/28 1:29 p.m.•36 views

CVE-2017-5241

Biscom Secure File Transfer versions 5.0.0.0 trough 5.1.1024 are vulnerable to post-authentication persistent cross-site scripting (XSS) in the "Name" and "Description" fields of a Workspace, as well as the "Description" field of a File Details pane of a file stored in a Workspace. This issue has b...

5.4CVSS5.1AI score0.00388EPSS

CVE•added 2020/10/22 2:15 p.m.•33 views

CVE-2020-27646

Biscom Secure File Transfer (SFT) before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft.

6.5CVSS6.5AI score0.00341EPSS

CVE•added 2018/01/25 11:29 p.m.•26 views

CVE-2016-10710

Biscom Secure File Transfer (SFT) 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote authenticated users to overwrite or read files via crafted requests. Version 5.0.1050 contains the fix.

8.1CVSS7.6AI score0.00228EPSS