20 matches found
EUVD-2019-3793
Malware in sbrugna...
CVE-2022-27665
Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...
CVE-2022-27665
Summary (CVE-2022-27665): Progress Ipswitch WS_FTP Server 8.6.0 is affected by a reflected XSS vulnerability via AngularJS sandbox escape expressions, allowing an attacker to trigger client-side code by submitting crafted input in the subdirectory search bar or Add folder filename fields. The iss...
Progress ipswitch WS_FTP Server 跨站脚本漏洞
Progress ipswitch WSFTP Server is an FTP server software. A security vulnerability exists in Progress ipswitch WSFTP Server version 8.6.0 that originates from improper handling of user-supplied input. An attacker could exploit the vulnerability to execute malicious code and commands on the client...
CVE-2022-27665
Reflected XSS via AngularJS sandbox escape expressions exists in Progress Ipswitch WSFTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add fold...
CVE-2019-12144
An issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses th...
CVE-2019-12143
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WSFTP usernames as well as filenames...
CVE-2019-12146
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized director...
CVE-2019-12145
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system...
CVE-2019-12146
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized director...
Path traversal
An issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses th...
Directory traversal
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system...
Directory traversal
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized director...
CVE-2019-12146
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized director...
CVE-2019-12146
CVE-2019-12146 affects Progress Ipswitch WS_FTP Server 2018 before 8.6.1. Vulnerable component: SSHServerAPI.dll; SCP listener flaw allows crafted strings to write files and create directories outside the authorized directory. Attack surface is network-exposed; impact includes potential unauthori...
CVE-2019-12145
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system...
CVE-2019-12145
CVE-2019-12145 affects Progress IPSwitch WS_FTP Server 2018 up to version 8.6.0. The flaw resides in SSHServerAPI.dll, allowing a directory-traversal via crafted strings sent over SCP, enabling an attacker to disclose pathnames on the host operating system. The vulnerability is a path-disclosure ...
CVE-2019-12144
CVE-2019-12144 affects Progress IPSwitch WS_FTP Server 2018 (before 8.6.1). The issue is in SSHServerAPI.dll and enables path traversal via SCP, with potential remote code execution by crafting a payload that abuses the SITE command feature. Multiple connected sources (NVD entry, CNVD entry, PRIO...
CVE-2019-12144
An issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses th...
CVE-2019-12143
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WSFTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WSFTP usernames as well as filenames...