CVE-2005-1094

FTP Now 2.6.14 - Plaintext Credential Exposure in sites.xml

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1094. PoCs published by Kozan.

AI-analyzed exploit summary This exploit reads the FTP Now configuration file to disclose stored FTP credentials. It locates the file using the Windows registry and parses the XML file to extract the first profile's address, username, and password.

Description

FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kozan · clocalwindows
https://www.exploit-db.com/exploits/918

This exploit reads the FTP Now configuration file to disclose stored FTP credentials. It locates the file using the Windows registry and parses the XML file to extract the first profile's address, username, and password.

Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: FTP Now v2.6.14 (and prior versions)
No auth needed
Prerequisites: Local access to the Windows system · FTP Now installed with default configuration
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1013657
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/14889
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/20025
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/15296

Scores

EPSS 0.0074
EPSS Percentile 49.9%

Details

Status published
Published Apr 08, 2005
Tracked Since Feb 18, 2026