Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netwin surgeftp vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-17933
cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter.
Netwin Surgeftp 23f2
NA
CVE-2008-1052
The administration web interface in NetWin SurgeFTP 2.3a2 and previous versions allows remote malicious users to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails.
Netwin Surgeftp 2.3a2
1 EDB exploit
NA
CVE-2010-1068
Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote malicious users to inject arbitrary web script or HTML via the (1) domainid or (2) classid parameter in a class action.
Netwin Surgeftp 2.3a6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2