Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or download arbitrary files via encoded spaces and double-quote characters in a scp or sftp URI.
oryginał ENAV:N/AC:H/Au:N/C:C/I:C/A:NWinscp
APPWinscp3.8.1
Powiązane podatności
WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a ...
Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have o...
In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sen...
Interpretation conflict in WinSCP before 4.0.4 allows remote attackers to perform arbitrary file transfers wit...
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote...