Vulnerabilities > Monstaftp > Monsta FTP > 2.10.1

DATE CVE VULNERABILITY TITLE RISK
2020-07-01 CVE-2020-14057 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Monstaftp Monsta FTP
Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations.
network
low complexity
monstaftp CWE-610
7.5
7.5
2020-07-01 CVE-2020-14056 Server-Side Request Forgery (SSRF) vulnerability in Monstaftp Monsta FTP
Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality.
network
low complexity
monstaftp CWE-918
7.5
7.5
2020-07-01 CVE-2020-14055 Cross-site Scripting vulnerability in Monstaftp Monsta FTP
Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding.
network
monstaftp CWE-79
4.3
4.3