Total
10 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-45690 | 1 Southrivertech | 2 Titan Ftp Server, Titan Mft Server | 2024-11-21 | N/A | 4.9 MEDIUM |
Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystem | |||||
CVE-2023-22629 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | N/A | 8.8 HIGH |
An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem. | |||||
CVE-2022-44215 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | N/A | 6.1 MEDIUM |
There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL. | |||||
CVE-2019-10009 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory. | |||||
CVE-2014-1843 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter. | |||||
CVE-2014-1842 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value. | |||||
CVE-2014-1841 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter. | |||||
CVE-2010-2426 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | 4.0 MEDIUM | N/A |
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command. | |||||
CVE-2010-2425 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | 6.5 MEDIUM | N/A |
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command. | |||||
CVE-2008-6082 | 1 Southrivertech | 1 Titan Ftp Server | 2024-11-21 | 5.0 MEDIUM | N/A |
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command. |