• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

FlashFXP FTP Password Disclosure Vulnerability

FlashFXP is prone to a vulnerability which may cause FTP authentication credentials to be disclosed to local attackers.

FTP passwords will be revealed to local attackers who edit transfer queue properties.

This may allow local attackers to gain unauthorized access for FTP sites that other local users have access to.