CVE-2018-19999 — CVSS 7.8 (high): The local management interface in SolarWinds Serv-U FTP Server 15.1.6.25 has incorrect access controls that permit local users to bypass…
CVE-2018-15906 — CVSS 7.2 (high): SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and…
CVE-2019-13182 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability exists in the web UI of SolarWinds Serv-U FTP Server 15.1.7.
CVE-2019-19829 — CVSS 5.4 (medium): A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U FTP Server 15.1.7 in the email parameter, a different vulnerability…
CVE-2018-19934 — CVSS 4.8 (medium): SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST…
CVE-2020-22428 — CVSS 4.8 (medium): SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scripting (XSS) via a directory name (entered by an admin) containing a…