Incomplete blacklist vulnerability in NULL FTP Server Free and Pro 1.1.0.7 allows remote authenticated users to execute arbitrary commands via a custom SITE command containing shell metacharacters such as "&" (ampersand) in the middle of an argument.
References
Configurations
Configuration 1 (hide)
|
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) http://www.vwsolutions.com/knowledgeBase/releaseNotes.aspx?productId=14 - URL Repurposed |
Information
Published : 2009-03-26 21:00
Updated : 2024-02-28 11:21
NVD link : CVE-2008-6534
Mitre link : CVE-2008-6534
CVE.ORG link : CVE-2008-6534
JSON object : View
Products Affected
vwsolutions
- null_ftp
CWE
CWE-20
Improper Input Validation