CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Summary (CVE-2022-27665): Progress Ipswitch WS_FTP Server 8.6.0 is affected by a reflected XSS vulnerability via AngularJS sandbox escape expressions, allowing an attacker to trigger client-side code by submitting crafted input in the subdirectory search bar or Add folder filename fields. The iss...

6.1CVSS7.2AI score0.01096EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2023/04/03 12:0 a.m.•12 views

CVE-2022-27665

Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...

7.1AI score0.01096EPSS

Exploits1References3

Cvelist•added 2023/04/03 12:0 a.m.•25 views

CVE-2022-27665

7.2AI score0.01096EPSS

Exploits1References3

NVD•added 2019/06/11 9:29 p.m.•10 views

CVE-2019-12144

An issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses th...

9.8CVSS9.8AI score0.00253EPSS

Exploits0References1

NVD•added 2019/06/11 9:29 p.m.•7 views

CVE-2019-12143

A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WSFTP usernames as well as filenames...

5.3CVSS5.2AI score0.00013EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by