CVE-2020-11708

Published: 2020-04-12T03:15Z

Last Modified: 2024-11-21T04:58Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in ProVide (formerly zFTPServer) through 13.1. Privilege escalation can occur via the /ajax/SetUserInfo messages parameter because of the EXECUTE() feature, which is for executing programs when certain events are triggered. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt