Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
progress ws ftp server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40046
In WS_FTP Server versions before 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface. An attacker may be able to infer information about the structure and contents of the database and execute SQL statements that alter or delete database e...
Progress Ws Ftp Server
NA
CVE-2023-40047
In WS_FTP Server version before 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads...
Progress Ws Ftp Server
NA
CVE-2023-40048
In WS_FTP Server version before 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) protection on a POST transaction corresponding to a WS_FTP Server administrative function.
Progress Ws Ftp Server
NA
CVE-2023-40049
In WS_FTP Server version before 8.8.2, an unauthenticated user could enumerate files under the 'WebServiceHost' directory listing.
Progress Ws Ftp Server
NA
CVE-2023-42657
In WS_FTP Server versions before 8.7.4 and 8.8.2, a directory traversal vulnerability exists. An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. Attackers co...
Progress Ws Ftp Server
NA
CVE-2023-42659
In WS_FTP Server versions before 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hostin...
Progress Ws Ftp Server
5
CVSSv2
CVE-2019-12143
A Directory Traversal issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WS_FTP usernames as well as filenames.
Progress Ws Ftp Server
NA
CVE-2023-24029
In Progress WS_FTP Server prior to 8.8, it is possible for a host administrator to elevate their privileges via the administrative interface due to insufficient authorization controls applied on user modification workflows.
Progress Ws Ftp Server
7.5
CVSSv2
CVE-2002-0826
Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command.
Progress Ws Ftp Server 3.1.1
NA
CVE-2022-36968
In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks.
Progress Ipswitch Ws Ftp Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »