VULHUB ™

PurePostPro is a freely available, open source script add-on to the ProFTPD ftp server. It was written and is maintained by Peter Garner. A user uploading a file to a PureFTPD server running PurePostPro may inject or modify arbitrary SQL commands through malicious file names. By uploading a file with a name containing quotes, it is possible for the user to escape the current SQL query to modify logic of the query.

PurePostPro is a freely available, open source script add-on to the ProFTPD ftp server. It was written and is maintained by Peter Garner. A user uploading a file to a PureFTPD server running PurePostPro may inject or modify arbitrary SQL commands through malicious file names. By uploading a file with a name containing quotes, it is possible for the user to escape the current SQL query to modify logic of the query.