cbcvebase.
CVE-2005-0483
published 2005-03-30

CVE-2005-0483: Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1)…

PriorityP420medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.97%
77.9th percentile
Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1) determine the existence of arbitrary files, (2) list files in restricted directories, or (3) read arbitrary files from within ZIP or gzip files, via .. (dot dot) sequences and globbing ("*") characters in a SITE NFO command.

Affected

14 ranges
VendorProductVersion rangeFixed in
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
glftpdglftpd
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.