C0D3R

**Name of the Vulnerable Software and Affected Versions** Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite version 3.0 **Description** The issue is related to a buffer overflow in Unicode processing within the logging functionality. This can be triggered by sending a command with a long argument, which then causes a buffer overflow when an admin selects the Logging section in the FTP server main window, potentially allowing remote authenticated users to execute arbitrary code. **Recommendations** For version 3.0, consider disabling the logging functionality until a fix is available to prevent potential exploitation. Restrict access to the FTP server main window's Logging section to minimize the risk of triggering the buffer overflow. Avoid using long arguments in commands to the FTP server to reduce the likelihood of exploitation.

**Name of the Vulnerable Software and Affected Versions** EcommPro version 3.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `password` field in the login.asp file. This can potentially lead to unauthorized access and data manipulation. **Recommendations** For EcommPro version 3.0, consider validating and sanitizing user input in the `password` field to prevent SQL injection attacks. As a temporary workaround, restrict access to the login.asp file until a proper fix is applied.