Vulnerabilities > Cerberusftp > FTP Server > 10.0.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-10 | CVE-2019-25046 | Cross-site Scripting vulnerability in Cerberusftp FTP Server The Web Client in Cerberus FTP Server Enterprise before 10.0.19 and 11.x before 11.0.4 allows XSS via an SVG document. | 4.3 |
| 2020-01-14 | CVE-2020-5196 | Incorrect Default Permissions vulnerability in Cerberusftp FTP Server Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated attacker to create files, display hidden files, list directories, and list files without the permission to zip and download (or unzip and upload) files. | 5.5 |
| 2020-01-13 | CVE-2020-5195 | Cross-site Scripting vulnerability in Cerberusftp FTP Server Reflected XSS through an IMG element in Cerberus FTP Server prior to versions 11.0.1 and 10.0.17 allows a remote attacker to execute arbitrary JavaScript or HTML via a crafted public folder URL. | 4.3 |