5 matches found
Wing FTP Server <= 7.4.3 - Path Disclosure via Overlong UID Cookie
Wing FTP Server versions prior to 7.4.4 are vulnerable to an authenticated information disclosure vulnerability CVE-2025-47813. The vulnerability occurs due to improper validation of the 'UID' session cookie in the /loginok.html endpoint. Supplying an overlong UID value causes the server to respo...
CVE-2025-47813
loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie...
CVE-2025-47813
Technical details for CVE-2025-47813 are not publicly available in the provided connected documents. Monitor for updates. Initial description notes an information disclosure related to UID cookie length, but no technical specifics are provided here.
CVE-2025-47813
loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie...
CVE-2025-47813
creationtimestamp| type| source ---|---|--- 2025-07-01 19:46:24+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-47813.yaml 2025-07-01 19:46:24+00:00| confirmed|...