Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ws ftp vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2019-12143
A Directory Traversal issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WS_FTP usernames as well as filenames.
Progress Ws Ftp Server
9.8
CVSSv3
CVE-2019-12144
An issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload th...
Ipswitch Ws Ftp Server
7.5
CVSSv3
CVE-2019-12145
A Directory Traversal issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system.
Ipswitch Ws Ftp Server
9.1
CVSSv3
CVE-2019-12146
A Directory Traversal issue exists in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 prior to 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authori...
Ipswitch Ws Ftp Server
NA
CVE-2008-0608
The Logging Server (ftplogsrv.exe) 7.9.14.0 and previous versions in IPSwitch WS_FTP 6.1 allows remote malicious users to cause a denial of service (loss of responsiveness) via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and pr...
Ipswitch Ws Ftp 6.1
7.2
CVSSv3
CVE-2023-24029
In Progress WS_FTP Server prior to 8.8, it is possible for a host administrator to elevate their privileges via the administrative interface due to insufficient authorization controls applied on user modification workflows.
Progress Ws Ftp Server
8.8
CVSSv3
CVE-2023-40044
In WS_FTP Server versions before 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system.
Progress Ws Ftp Server
1 Github repository
6.1
CVSSv3
CVE-2023-40045
In WS_FTP Server versions before 8.7.4 and 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Ad Hoc Transfer module. An attacker could leverage this vulnerability to target WS_FTP Server users with a specialized payload which results in t...
Progress Ws Ftp Server
7.2
CVSSv3
CVE-2023-40046
In WS_FTP Server versions before 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface. An attacker may be able to infer information about the structure and contents of the database and execute SQL statements that alter or delete database e...
Progress Ws Ftp Server
4.8
CVSSv3
CVE-2023-40047
In WS_FTP Server version before 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management module. An attacker with administrative privileges could import a SSL certificate with malicious attributes containing cross-site scripting payloads...
Progress Ws Ftp Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »