Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

CrushFTP Server Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2023-43177)

Description

CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes.

Remediation

References

Related Vulnerabilities

Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375)

WordPress Plugin Simply Poll SQL Injection (1.4.1)

WordPress Plugin RokNewsPager Multiple Vulnerabilities (1.17)

WordPress Plugin Media File Renamer-Auto & Manual Rename Cross-Site Scripting (1.7.0)

WordPress Plugin Image Gallery with Slideshow Multiple Vulnerabilities (1.5.2)

Severity

Critical

Classification

CVE-2023-43177 CWE-913 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities