Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or download arbitrary files via encoded spaces and double-quote characters in a scp or sftp URI.
References
Configurations
Information
Published : 2006-06-14 08:06
Updated : 2017-07-19 18:31
NVD link : CVE-2006-3015
Mitre link : CVE-2006-3015
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
winscp
- winscp