CVE-2018-18370

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting XSS vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web...

EUVD-2018-10102

Malware in sbrugna...

EUVD-2018-10101

Malware in sbrugna...

EUVD-2006-0140

Malware in sbrugna...

EUVD-2013-0172

Malware in sbrugna...

CVE-2018-18370

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting XSS vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web...

CVE-2018-18370

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting XSS vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web...

CVE-2018-18371

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP serve...

CVE-2018-18371

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP serve...

Cross site scripting

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting XSS vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web...

Information disclosure

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP serve...

Symantec ProxySG 6.5 < 6.5.10.15 / 6.6 < 6.7.4.2 XSS and Information Disclosure Vulnerabilities (SA1472)

The self-reported SGOS version installed on the remote Symantec ProxySG device is 6.5.x prior to 6.5.10.15 or 6.6.x prior to 6.7.4.2. It is, therefore, affected by the following vulnerabilities: - A cross-site scripting XSS vulnerability in ProxySG FTP proxy WebFTP mode. An authenticated, remote...

CVE-2018-18371

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP serve...

CVE-2018-18371

The CVE-2018-18371 issue affects the ASG/ProxySG FTP proxy WebFTP mode, enabling information disclosure by exposing plaintext credentials stored in the device’s web listing of FTP servers when users access an FTP server via ftp:// in a browser. Affected versions include ASG 6.6 and 6.7 prior to 6...

CVE-2018-18370

The CVE-2018-18370 issue affects ASG/ProxySG FTP proxy WebFTP mode and is a stored XSS vulnerability in the web listing of remote FTP servers. An attacker must be able to upload crafted files to the remote FTP server to inject malicious JavaScript via a ftp:// URL in a browser. Affected versions ...

CVE-2018-18370

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting XSS vulnerability in the WebFTP mode allows a remote attacker to inject malicious JavaScript code in ASG/ProxySG's web...

XSS and Information Disclosure Vulnerabilities in ASG and ProxySG

SUMMARY The Symantec ASG and ProxySG FTP proxy WebFTP mode is susceptible to XSS and information disclosure vulnerabilities. A remote attacker can inject malicious JavaScript code in the web listing of a remote FTP server and obtain authentication credentials for a remote FTP server. AFFECTED...

Oliver Cross-Site Scripting Vulnerability

Oliver formerly known as Webshare is a set of WebFTP resource manager using Ajax and PHP development . A cross-site scripting vulnerability exists in Oliver version 1.3.1, which can be exploited by remote attackers to inject arbitrary web script or HTML...

Monsta Box WebFTP Arbitrary File Read

Application ----------- "MONSTA Box is a lightweight open-source file manager you can install on your website or server to easily manage your files through any browser." Description from the official website http://www.monstahq.com/ Vulnerability ------------- The Monsta Box WebFTP application...

CVE-2013-0129

Multiple cross-site scripting XSS vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via 1 the WebFTP Overview "Create new directory" field or 2 the body of an e-mail autoresponder message...