3dftp » 3d-ftp Client : Security Vulnerabilities, CVEs, (Directory traversal)
Directory traversal vulnerability in SiteDesigner Technologies, Inc. 3D-FTP Client 9.0 build 2, and probably earlier versions, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
Max CVSS
9.3
EPSS Score
0.18%
Published
2010-08-21
Updated
2010-08-23
Multiple directory traversal vulnerabilities in the FTP client in 3D-FTP Client 8.01 (8.0 build 1) allow remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a (1) LIST or (2) MLSD command.
Max CVSS
9.3
EPSS Score
0.18%
Published
2008-06-23
Updated
2017-08-08
2 vulnerabilities found