Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SolarwindsServ-u

5 matches found

CVE
CVEadded 2021/02/03 5:15 p.m.249 views

CVE-2021-25276

In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files (that include users' password hashes) that is world readable and writable. An unprivileged Windows user (having access to the server's filesystem) can add an FTP user by copying a valid profile file to t...

7.1CVSS8.2AI score0.00247EPSS
CVE
CVEadded 2021/02/03 4:15 p.m.45 views

CVE-2020-27994

SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal.

6.5CVSS6.5AI score0.01886EPSS
CVE
CVEadded 2021/02/03 4:15 p.m.45 views

CVE-2020-35481

SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection.

9.8CVSS7.6AI score0.04459EPSS
CVE
CVEadded 2021/02/03 4:15 p.m.36 views

CVE-2020-35482

SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS.

5.4CVSS5.5AI score0.04259EPSS
CVE
CVEadded 2021/02/03 4:15 p.m.35 views

CVE-2020-28001

SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS.

5.4CVSS5.5AI score0.0163EPSS