Lucene search
K

4 matches found

CVE
CVE
added 2010/06/23 5:13 p.m.62 views

CVE-2010-2428

CVE-2010-2428 affects Wing FTP Server for Windows 3.5.0 and earlier; the admin_loginok.html page is vulnerable to cross-site scripting via a crafted POST, allowing an authenticated remote attacker to inject arbitrary script/HTML in the user’s browser. Several sources (NVD, OpenVAS, Nessus) corrob...

4.3CVSS5.8AI score0.01994EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2010/06/23 5:13 p.m.19 views

CVE-2010-2428

Cross-site scripting XSS vulnerability in adminloginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request...

5.6AI score0.01994EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2010/06/03 12:0 a.m.29 views

Wing FTP Server 'admin_loginok.html' HTML Injection Vulnerability

Wing FTP Server is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie- based authentication credentials an...

4.3CVSS6.6AI score0.01994EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2010/06/03 12:0 a.m.30 views

Wing FTP Server <= 3.5.0 'admin_loginok.html' HTML Injection Vulnerability

Wing FTP Server is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

4.3CVSS6.7AI score0.01994EPSS
Exploits1References2
Rows per page
Query Builder