Vulnerabilities > Accellion
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-29 | CVE-2019-5622 | Use of Hard-coded Credentials vulnerability in Accellion File Transfer Appliance 80540 Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials. | 7.5 |
| 2018-07-13 | CVE-2016-9500 | Cross-site Scripting vulnerability in Accellion FTP Server Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting. | 4.3 |
| 2018-07-13 | CVE-2016-9499 | Information Exposure vulnerability in Accellion FTP Server Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. | 5.0 |
| 2018-05-24 | CVE-2017-9421 | Improper Authentication vulnerability in Accellion Kiteworks Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API calls on behalf of a web user using a gathered token via a POST request to /oauth/token. | 6.4 |
| 2017-10-10 | CVE-2015-2856 | Path Traversal vulnerability in Accellion File Transfer Appliance 80540/912180 Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2017-08-22 | CVE-2015-2857 | Command Injection vulnerability in Accellion File Transfer Appliance 80540/911200 Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter. | 7.5 |
| 2017-05-05 | CVE-2017-8796 | SQL Injection vulnerability in Accellion File Transfer Appliance 80540 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 7.5 |
| 2017-05-05 | CVE-2017-8795 | Cross-site Scripting vulnerability in Accellion File Transfer Appliance 80540 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 4.3 |
| 2017-05-05 | CVE-2017-8794 | Server-Side Request Forgery (SSRF) vulnerability in Accellion File Transfer Appliance 80540 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.4 |
| 2017-05-05 | CVE-2017-8793 | Origin Validation Error vulnerability in Accellion File Transfer Appliance 80540 An issue was discovered on Accellion FTA devices before FTA_9_12_180. | 6.8 |