4 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE:...
CVE-2007-3768
The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service restart via a malformed response to a PASV command...
CVE-2007-3769
Cross-site scripting XSS vulnerability in the mirrored server management interface in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response without a status code, which is reflected to the user in the resulting error message. NOTE:...
CVE-2007-3769
CVE-2007-3769 affects SurgeFTP 2.3a1: a reflected XSS in the mirrored server management interface allows user-assisted, remote FTP servers to inject arbitrary web script or HTML via a malformed response, which is shown in the error message. The note indicates this could be leveraged for root acce...