Wftpserver Wing FTP Server 6.4.4

CPE Details

Wftpserver Wing FTP Server 6.4.4
wftpserver
wing_ftp_server
6.4.4
2021-02-01
18h22 +00:00
2021-02-01
18h22 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:wftpserver:wing_ftp_server:6.4.4:*:*:*:*:*:*:*

Informations

Vendor

wftpserver

Product

wing_ftp_server

Version

6.4.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-37875 2023-09-12 08h17 +00:00 Improper encoding or escaping of output in Wing FTP Server (User Web Client) allows Cross-Site Scripting (XSS).This issue affects Wing FTP Server: <= 7.2.0.
5.4
Medium
CVE-2023-37878 2023-09-12 08h16 +00:00 Insecure default permissions in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: <= 7.2.0.
8.8
High
CVE-2023-37879 2023-09-12 08h15 +00:00 Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation.This issue affects Wing FTP Server: <= 7.2.0.
7.5
High
CVE-2023-37881 2023-09-12 08h14 +00:00 Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: <= 7.2.0.
8.8
High
CVE-2020-27735 2021-01-20 21h56 +00:00 An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser.
6.1
Medium