Proftpd Project » Proftpd : Security Vulnerabilities, CVEs, (CSRF)
ProFTPD 1.3.1 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
Max CVSS
6.8
EPSS Score
1.60%
Published
2008-09-25
Updated
2017-08-08
1 vulnerabilities found