Winscp Security Vulnerabilities and Issues — Winscp CVE List

Lucene search

WinscpWinscp

2 matches found

CVE•added 2019/01/10 9:29 p.m.•45 views

CVE-2018-20684

In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCPSink in core/ScpFileSystem.cpp.

7.5CVSS7.5AI score0.00604EPSS

CVE•added 2006/06/14 3:6 p.m.•43 views

CVE-2006-3015

Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or download arbitrary files via encoded spaces and double-quote characters in a scp or sftp URI.

7.1CVSS7AI score0.08998EPSS