彙總 pablo_software_solutions 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
已披露問題常與 路徑處理缺陷、緩衝區溢位與拒絕服務 相關,可能在 軟體部署與生產負載 場景中帶來 檔案覆寫 等暴露風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2006-3844 | Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitrary commands via a long argument to the LIST command, a different issue than CVE-2006-2027. | [email protected] | 6.5 | 1.37% | 2006-07-25 | 2026-04-16 |
| CVE-2006-2027 | Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue. | [email protected] | 6.5 | 5.24% | 2006-04-26 | 2026-04-16 |
| CVE-2006-1391 | The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension of a URL. | [email protected] | 5.0 | 1.35% | 2006-03-25 | 2026-04-16 |
| CVE-2006-1383 | Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 allows remote authenticated users to determine existence of files outside the intended document root via unspecified manipulations, which generate different error messages depending on whether a file exists or not. | [email protected] | 4.0 | 0.69% | 2006-03-24 | 2026-04-16 |
| CVE-2005-2479 | Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command. | [email protected] | 5.0 | 5.91% | 2005-08-05 | 2026-04-16 |
| CVE-2004-2747 | Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. (dot dot) in the DEL command, which triggers different error messages depending on whether the file exists or not. | [email protected] | 4.0 | 0.26% | 2004-12-31 | 2026-04-16 |
| CVE-2003-1300 | Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | [email protected] | 5.0 | 0.89% | 2003-12-31 | 2026-04-16 |
| CVE-2003-1299 | Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command. | [email protected] | 4.0 | 0.55% | 2003-12-31 | 2026-04-16 |
| CVE-2002-2209 | Unspecified "security vulnerability" in Baby FTP Server versions before November 7, 2002 has unknown impact and attack vectors. | [email protected] | 10.0 | 0.39% | 2002-12-31 | 2026-04-16 |
| CVE-2002-1244 | Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format strings in the USER command. | [email protected] | 7.5 | 3.29% | 2002-11-12 | 2026-04-16 |
| CVE-2002-1054 | Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command. | [email protected] | 6.4 | 3.54% | 2002-10-04 | 2026-04-16 |