Filter
-Infinity
0

Trending

Last week
Last month
Last year

BleepingComputerCritical auth bypass bug in CrushFTP now exploited in attacks

Exploited
First published (updated )
News
BleepingComputer

The RegisterCrushFTP CEO's feisty response to VulnCheck's CVE for critical make-me-admin bug

First published (updated )
News
The Register

BleepingComputerCrushFTP warns users to patch unauthenticated access flaw immediately

First published (updated )
News
BleepingComputer

CrushFTPStored XSS in CrushFTP

critical
9.6
First published (updated )
CVE-2024-11986

CrushFTPXSS

medium
6.1
First published (updated )
CVE-2024-22910

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CrushFTPUnauthenticated arbitrary file read and remote code execution in CrushFTP

critical
10
Exploited
EPSS
96.61%
First published (updated )
CVE-2024-4040

BleepingComputerCrushFTP warns users to patch exploited zero-day “immediately”

Exploited
Zeroday
First published (updated )
News
BleepingComputer

Red Hat OpenStack PlatformImpact of Terrapin SSH Attack

medium
6
First published (updated )
CVE-2023-48795

BleepingComputerExploit for CrushFTP RCE chain released, patch now

Zeroday
First published (updated )
News
BleepingComputer

CrushFTPCrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determin…

critical
9.8
Exploited
First published (updated )
CVE-2023-43177

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CrushFTPXSS

medium
4.8
First published (updated )
CVE-2021-44076

CrushFTPCrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection.

medium
6.1
First published (updated )
CVE-2018-18288

CrushFTPCrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability.

medium
6.1
First published (updated )
CVE-2017-14038

CrushFTPXSS

medium
6.1
First published (updated )
CVE-2017-14036

CrushFTPCrushFTP 8.x before 8.2.0 has a serialization vulnerability.

critical
9.8
First published (updated )
CVE-2017-14035

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

CrushFTPCRLF Injection

medium
6.1
First published (updated )
CVE-2017-14037

CrushFTPBen Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files vi…

medium
4.6
First published (updated )
CVE-2001-0582

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203