Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NetwinSurgeftp

2 matches found

CVE
CVEadded 2017/12/29 6:29 p.m.44 views

CVE-2017-17933

cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter.

6.1CVSS6AI score0.00211EPSS
Web
CVE
CVEadded 2008/02/27 7:44 p.m.30 views

CVE-2008-1052

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails.

6.4CVSS6.6AI score0.08684EPSS