Wing Ftp Server Security Vulnerabilities and Issues — Wing Ftp Server CVE List

Lucene search

WftpserverWing Ftp Server

4 matches found

CVE•added 2021/01/26 6:15 p.m.•38 views

CVE-2020-27735

An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser.

6.1CVSS5.9AI score0.37EPSS

CVE•added 2012/10/26 10:39 a.m.•37 views

CVE-2012-4729

Wing FTP Server before 4.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via two zip commands.

6.8CVSS6.4AI score0.00737EPSS

CVE•added 2015/06/10 6:59 p.m.•37 views

CVE-2015-4108

Multiple cross-site request forgery (CSRF) vulnerabilities in Wing FTP Server before 4.4.7 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary code via a crafted request to admin_lua_script.html or (2) add a domain administrator via a crafte...

6.8CVSS8.1AI score0.00621EPSS

CVE•added 2025/07/10 5:15 p.m.•10 views

CVE-2025-47811

In Wing FTP Server through 7.4.4, the administrative web interface (listening by default on port 5466) runs as root or SYSTEM by default. The web application itself offers several legitimate ways to execute arbitrary system commands (i.e., through the web console or the task scheduler), and they ar...

6.6CVSS9.7AI score0.90058EPSS