CompleteFTP is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to download arbitrary files outside of the FTP server root directory. This may aid in further attacks. CompleteFTP 3.3.0 is vulnerable other versions may also be affected.
- Home FTP Server Multiple Directory Traversal Vulnerabilities
- Titan FTP Server Multiple Directory Traversal Vulnerabilities
- Ipswitch WS_FTP Professional 'HTTP' Response Format String Vulnerability
- Telnet-Ftp Server Directory Traversal Vulnerability
- vsftpd '__tzfile_read()' Function Heap Based Buffer Overflow Vulnerability