CVE-2013-5655

YingZhi Python Programming Language for iOS 1.9 - Path Traversal via FTP Server URI

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in the FTP server in YingZhi Python Programming Language for iOS 1.9 allows remote attackers to read and possibly write arbitrary files via a .. (dot dot) in the default URI.

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/08/29/8
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/96719
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/62074
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/08/30/2

Scores

EPSS 0.0176
EPSS Percentile 75.2%

Details

CWE
CWE-22
Status published
Products (1)
xiaowen_huang/yingzhi_python_programming_language 1.9
Published May 14, 2014
Tracked Since Feb 18, 2026