CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2747

Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. (dot dot) in the DEL command, which triggers different error messages depending on whether the file exists or not.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.6%

CVSS Severity

CVSS v2 Score 4.0

References

http://secunia.com/advisories/10661
http://www.osvdb.org/3574
http://www.securityfocus.com/archive/1/350224/30/21640/threaded
http://www.securityfocus.com/bid/9443
http://www.securitytracker.com/id?1008756
http://secunia.com/advisories/10661
http://www.osvdb.org/3574
http://www.securityfocus.com/archive/1/350224/30/21640/threaded
http://www.securityfocus.com/bid/9443
http://www.securitytracker.com/id?1008756

Products affected by CVE-2004-2747

Pablo Software Solutions » Quick N Easy Ftp Server » Version: 1.77

cpe:2.3:a:pablo_software_solutions:quick_n_easy_ftp_server:1.77

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2747

Products

Pricing

Contact Us