cbcvebase.
CVE-2012-6339
published 2012-12-31

CVE-2012-6339: Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to…

PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.19%
63.9th percentile
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow (2) remote authenticated administrators to inject arbitrary web script or HTML via a Messages field to the servermanager program.

Affected

118 ranges· showing 25
VendorProductVersion rangeFixed in
cerberusftpftp_server<= 5.0.5.1
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
cerberusftpftp_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.