CVE-2019-25711 | NSauditor SpotFTP Password Recover 2.4.2 Registration Name reliance on untrusted inputs in a security decision (Exploit 46088 / EDB-46088)

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability was found in NSauditor SpotFTP Password Recover 2.4.2. It has been declared as problematic. This issue affects some unknown processing of the component Registration Handler. Such manipulation of the argument Name leads to reliance on untrusted inputs in a security decision.

This vulnerability is referenced as CVE-2019-25711. The attack can only be performed from a local environment. Furthermore, an exploit is available.

CVE-2019-25711 | NSauditor SpotFTP Password Recover 2.4.2 Registration Name reliance on untrusted inputs in a security decision (Exploit 46088 / EDB-46088)

Post correlati

CVE-2025-13169 | code-projects Simple Online Hotel Reservation System 1.0 /add_query_reserve.php room_id sql injection

CVE-2024-45737 | Splunk Enterprise/Cloud Platform prior 9.1.6/9.2.3/9.3.1 KVStore cross-site request forgery (SVD-2024-1007)

CVE-2024-29976 | Zyxel NAS326/NAS542 prior 5.21 show_allsessions privileges management

CVE-2024-34068 | Pterodactyl Wings up to 1.11.11 api.disable_remote_download access control