Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MonstaftpMonsta Ftp*

3 matches found

CVE
CVEadded 2020/07/01 5:15 p.m.31 views

CVE-2020-14057

Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common deployments.

9.8CVSS9.7AI score0.03074EPSS
CVE
CVEadded 2020/07/01 5:15 p.m.30 views

CVE-2020-14056

Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.

9.8CVSS9.1AI score0.00492EPSS
CVE
CVEadded 2020/07/01 5:15 p.m.26 views

CVE-2020-14055

Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding.

6.1CVSS6.3AI score0.00359EPSS