FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| flashfxp | flashfxp | 1.4 |
FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-255,CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| flashfxp | flashfxp | 1.4 |