Andreas Finstad

4 exploits Active since Sep 2021
CVE-2023-22629 EXPLOITDB HIGH text WRITEUP
Titan FTP Server < 1.94.1205 - Authenticated Path Traversal via Move-File Function
An issue was discovered in TitanFTP through 1.94.1205. The move-file function has a path traversal vulnerability in the newPath parameter. An authenticated attacker can upload any file and then move it anywhere on the server's filesystem.
CVSS 8.8
CVE-2023-23286 EXPLOITDB MEDIUM text WRITEUP
Provide Server 14.4 - Stored Cross-Site Scripting via Login Username Field
Cross Site Scripting (XSS) vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form.
CVSS 6.1
EIP-2026-104490 EXPLOITDB text WORKING POC
WhatsUp Gold 2022 (22.1.0 Build 39) - XSS
CVE-2021-41318 EXPLOITDB MEDIUM text WORKING POC
Progress WhatsUp Gold < 21.1.0 - Unauthenticated Stored Cross-Site Scripting
In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input. which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.
CVSS 6.1