Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Southrivertech Subscribe
Filtered by product Titan Ftp Server
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-22629 1 Southrivertech 1 Titan Ftp Server 2023-02-23 N/A 8.8 HIGH
An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.
CVE-2019-10009 1 Southrivertech 1 Titan Ftp Server 2019-06-06 4.0 MEDIUM 6.5 MEDIUM
A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.
CVE-2010-2425 1 Southrivertech 1 Titan Ftp Server 2018-10-10 6.5 MEDIUM N/A
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
CVE-2010-2426 1 Southrivertech 1 Titan Ftp Server 2018-10-10 4.0 MEDIUM N/A
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determine file size, via "..//" sequences in the xcrc command.
CVE-2008-6082 1 Southrivertech 1 Titan Ftp Server 2017-09-28 5.0 MEDIUM N/A
Titan FTP Server 6.26 build 630 allows remote attackers to cause a denial of service (CPU consumption) via the SITE WHO command.
CVE-2014-1843 1 Southrivertech 1 Titan Ftp Server 2015-07-29 5.0 MEDIUM N/A
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to obtain the property information of an arbitrary home folder via a Properties action with a .. (dot dot) in the src parameter.
CVE-2014-1842 1 Southrivertech 1 Titan Ftp Server 2015-07-29 5.0 MEDIUM N/A
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value.
CVE-2014-1841 1 Southrivertech 1 Titan Ftp Server 2015-07-29 5.0 MEDIUM N/A
Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to copy an arbitrary user's home folder via a Move action with a .. (dot dot) in the src parameter.