Vulnerabilities > Cerberusftp

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-10	CVE-2019-25046	Cross-site Scripting vulnerability in Cerberusftp FTP Server The Web Client in Cerberus FTP Server Enterprise before 10.0.19 and 11.x before 11.0.4 allows XSS via an SVG document. network low complexity cerberusftp CWE-79	6.1
2020-01-14	CVE-2020-5196	Incorrect Default Permissions vulnerability in Cerberusftp FTP Server Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated attacker to create files, display hidden files, list directories, and list files without the permission to zip and download (or unzip and upload) files. network low complexity cerberusftp CWE-276	8.1
2020-01-14	CVE-2020-5194	Authorization Bypass Through User-Controlled Key vulnerability in Cerberusftp FTP Server 8.0 The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip permission to use the zip functionality via an unrestricted API endpoint. network low complexity cerberusftp CWE-639	5.4
2020-01-13	CVE-2020-5195	Cross-site Scripting vulnerability in Cerberusftp FTP Server Reflected XSS through an IMG element in Cerberus FTP Server prior to versions 11.0.1 and 10.0.17 allows a remote attacker to execute arbitrary JavaScript or HTML via a crafted public folder URL. network low complexity cerberusftp CWE-79	6.1
2017-03-14	CVE-2017-6367	Improper Input Validation vulnerability in Cerberusftp FTP Server 8.0.10.1 In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. network low complexity cerberusftp CWE-20	7.5

Vulnerabilities > Cerberusftp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cerberusftp"}]}

Vulnerabilities > Cerberusftp