Product
accellion file transfer appliance
20 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2019-5623
CVE-2019-5622
CVE-2015-2856
CVE-2015-2857
CVE-2017-8796
CVE-2017-8795
CVE-2017-8794
CVE-2017-8793
CVE-2017-8792
CVE-2017-8791
CVE-2017-8790
CVE-2017-8789
CVE-2017-8788
CVE-2017-8760
CVE-2017-8304
CVE-2017-8303
CVE-2016-2353
CVE-2016-2352
CVE-2016-2351
CVE-2016-2350
all versions
Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Eleme
all versions
Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials.
<= fta_9_11_200
Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA
<= 9_11_200
Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters i
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because mysql_real_escape_string is misused, seos/courier/co
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is XSS in home/seos/courier/smtpg_add.html with the pa
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. By sending a POST request to home/seos/courier/web/wmProgres
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is XSS in home/seos/courier/user_add.html with the par
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is a home/seos/courier/login.html auth_params CRLF att
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. The home/seos/courier/ldaptest.html POST parameter "filter"
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. A report_error.php?year='payload SQL injection vector exists
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is a CRLF vulnerability in settings_global_text_edit.p
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is XSS in courier/1000@/index.html with the auth_param
<= 9_12_40
An issue was discovered on Accellion FTA devices before FTA_9_12_180. courier/1000@/oauth/playground/callback.html allows XSS with
< 9_12_180
An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell m
<= 9_11_210
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows local users to add an SSH key to an arbitrary group, and con
<= 9_11_210
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users to execute arbitrary commands by
<= 9_11_210
SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_
<= 9_11_210
Multiple cross-site scripting (XSS) vulnerabilities on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allow remote