4 matches found
CVE-2010-2428
CVE-2010-2428 affects Wing FTP Server for Windows 3.5.0 and earlier; the admin_loginok.html page is vulnerable to cross-site scripting via a crafted POST, allowing an authenticated remote attacker to inject arbitrary script/HTML in the user’s browser. Several sources (NVD, OpenVAS, Nessus) corrob...
CVE-2010-2428
Cross-site scripting XSS vulnerability in adminloginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request...
Wing FTP Server 'admin_loginok.html' HTML Injection Vulnerability
Wing FTP Server is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie- based authentication credentials an...
Wing FTP Server <= 3.5.0 'admin_loginok.html' HTML Injection Vulnerability
Wing FTP Server is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...