Description

CrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection.

Remediation

References

CVE-2018-18288

Related Vulnerabilities

WordPress Plugin PublishPress Future: Automatically Unpublish WordPress Posts Multiple Vulnerabilities (2.1.1)

WordPress Plugin WooCommerce Upload Files Arbitrary File Upload (59.3)

WordPress Plugin Poll, Survey, Questionnaire and Voting system SQL Injection (1.5.2)

Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.27)

Mailman Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2021-42096)

Severity

Medium

Classification

CVE-2018-18288 CWE-601 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities