Multiple SQL injection vulnerabilities in Xlight FTP Server prior to 3.2.1, when ODBC authentication is enabled, allow remote malicious users to execute arbitrary SQL commands via the (1) USER (aka username) or (2) PASS (aka password) command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xlightftpd xlight ftp server 2.861 |
||
xlightftpd xlight ftp server 2.86 |
||
xlightftpd xlight ftp server 2.706 |
||
xlightftpd xlight ftp server 2.70 |
||
xlightftpd xlight ftp server 2.02 |
||
xlightftpd xlight ftp server 2.01 |
||
xlightftpd xlight ftp server 1.60 |
||
xlightftpd xlight ftp server |
||
xlightftpd xlight ftp server 3.0.5 |
||
xlightftpd xlight ftp server 3.1.6 |
||
xlightftpd xlight ftp server 3.1.5 |
||
xlightftpd xlight ftp server 2.85 |
||
xlightftpd xlight ftp server 2.835 |
||
xlightftpd xlight ftp server 2.60 |
||
xlightftpd xlight ftp server 2.40 |
||
xlightftpd xlight ftp server 2.0 |
||
xlightftpd xlight ftp server 1.65 |
||
xlightftpd xlight ftp server 3.0 |
||
xlightftpd xlight ftp server 2.8 |
||
xlightftpd xlight ftp server 2.72 |
||
xlightftpd xlight ftp server 2.1 |
||
xlightftpd xlight ftp server 2.03 |
||
xlightftpd xlight ftp server 1.62 |
||
xlightftpd xlight ftp server 1.61 |
||
xlightftpd xlight ftp server 3.1.1 |
||
xlightftpd xlight ftp server 3.1 |
||
xlightftpd xlight ftp server 2.83 |
||
xlightftpd xlight ftp server 2.82 |
||
xlightftpd xlight ftp server 2.27 |
||
xlightftpd xlight ftp server 2.24 |
||
xlightftpd xlight ftp server 2.2 |
||
xlightftpd xlight ftp server 1.64 |
||
xlightftpd xlight ftp server 1.62a |