Surgeftp Security Vulnerabilities and Issues — Surgeftp CVE List

Lucene search

NetwinSurgeftp

5 matches found

CVE•added 2002/03/09 5:0 a.m.•51 views

CVE-2001-0698

Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command.

5CVSS6.7AI score0.0086EPSS

CVE•added 2007/07/15 9:30 p.m.•44 views

CVE-2007-3769

Cross-site scripting (XSS) vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE:...

5.8CVSS5.7AI score0.00668EPSS

CVE•added 2005/05/02 4:0 a.m.•39 views

CVE-2005-1034

SurgeFTP 2.2m1 allows remote attackers to cause a denial of service (application hang) via the LEAK command.

5CVSS6.6AI score0.01271EPSS

CVE•added 2002/03/09 5:0 a.m.•38 views

CVE-2001-0697

NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a denial of service (crash) via an 'ls ..' command.

5CVSS6.9AI score0.06196EPSS

CVE•added 2002/03/09 5:0 a.m.•35 views

CVE-2001-0696

NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con.

5CVSS7.1AI score0.00915EPSS