Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ipswitch ws ftp server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-12144
An issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload th...
Ipswitch Ws Ftp Server
9.1
CVSSv3
CVE-2019-12146
A Directory Traversal issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authori...
Ipswitch Ws Ftp Server
7.5
CVSSv3
CVE-2019-12145
A Directory Traversal issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system.
Ipswitch Ws Ftp Server
6.1
CVSSv3
CVE-2022-27665
Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory s...
Progress Ws Ftp Server 8.6.0
1 Github repository
6.1
CVSSv3
CVE-2022-36967
In Progress WS_FTP Server prior to version 8.7.3, multiple reflected cross-site scripting (XSS) vulnerabilities exist in the administrative web interface. It is possible for a remote malicious user to inject arbitrary JavaScript into a WS_FTP administrator's web session. Thi...
Progress Ipswitch Ws Ftp Server
5.3
CVSSv3
CVE-2019-12143
A Directory Traversal issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WS_FTP usernames as well as filenames.
Progress Ws Ftp Server
4.3
CVSSv3
CVE-2022-36968
In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks.
Progress Ipswitch Ws Ftp Server
NA
CVE-2008-5692
Ipswitch WS_FTP Server Manager prior to 6.1.1, and possibly other Ipswitch products, allows remote malicious users to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull ac...
Ipswitch Ws Ftp 3.1.1
Ipswitch Ws Ftp 2.01
Ipswitch Ws Ftp
Ipswitch Ws Ftp 3.1.0
Ipswitch Ws Ftp 5.00
Ipswitch Ws Ftp 5.03
Ipswitch Ws Ftp 3.1.3
Ipswitch Ws Ftp 2.02
Ipswitch Ws Ftp 4.01
Ipswitch Ws Ftp 6.0
Ipswitch Ws Ftp 2.03
Ipswitch Ws Ftp 3.0
Ipswitch Ws Ftp 5.02
Ipswitch Ws Ftp 1.0.5
Ipswitch Ws Ftp 4.00
Ipswitch Ws Ftp 5.05
Ipswitch Ws Ftp 5.01
Ipswitch Ws Ftp 5.04
Ipswitch Ws Ftp 3.0.1
Ipswitch Ws Ftp 3.14
Ipswitch Ws Ftp 4.02
Ipswitch Ws Ftp 3.1.2
1 EDB exploit
NA
CVE-2008-5693
Ipswitch WS_FTP Server Manager 6.1.0.0 and previous versions, and possibly other Ipswitch products, might allow remote malicious users to read the contents of custom ASP files in WSFTPSVR/ via a request with an appended dot character.
Ipswitch Ws Ftp 3.1.1
Ipswitch Ws Ftp 2.01
Ipswitch Ws Ftp
Ipswitch Ws Ftp 3.1.0
Ipswitch Ws Ftp 5.00
Ipswitch Ws Ftp 5.03
Ipswitch Ws Ftp 3.1.3
Ipswitch Ws Ftp 2.02
Ipswitch Ws Ftp 4.01
Ipswitch Ws Ftp 6.0
Ipswitch Ws Ftp 2.03
Ipswitch Ws Ftp 3.0
Ipswitch Ws Ftp 5.02
Ipswitch Ws Ftp 1.0.5
Ipswitch Ws Ftp 4.00
Ipswitch Ws Ftp 5.05
Ipswitch Ws Ftp 5.01
Ipswitch Ws Ftp 5.04
Ipswitch Ws Ftp 3.0.1
Ipswitch Ws Ftp 3.14
Ipswitch Ws Ftp 4.02
Ipswitch Ws Ftp 3.1.2
NA
CVE-2008-0608
The Logging Server (ftplogsrv.exe) 7.9.14.0 and previous versions in IPSwitch WS_FTP 6.1 allows remote malicious users to cause a denial of service (loss of responsiveness) via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and pr...
Ipswitch Ws Ftp 6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »