Vulnerabilities > Wftpserver

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2023-37875 Improper Encoding or Escaping of Output vulnerability in Wftpserver Wing FTP Server
Improper encoding or escaping of output in Wing FTP Server (User Web Client) allows Cross-Site Scripting (XSS).This issue affects Wing FTP Server: <= 7.2.0.
network
low complexity
wftpserver CWE-116
5.4
5.4
2023-09-12 CVE-2023-37878 Incorrect Default Permissions vulnerability in Wftpserver Wing FTP Server
Insecure default permissions in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: <= 7.2.0.
network
low complexity
wftpserver CWE-276
8.8
8.8
2023-09-12 CVE-2023-37879 Insecure Storage of Sensitive Information vulnerability in Wftpserver Wing FTP Server
Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation.This issue affects Wing FTP Server: <= 7.2.0.
network
low complexity
wftpserver CWE-922
7.5
7.5
2023-09-12 CVE-2023-37881 Incorrect Authorization vulnerability in Wftpserver Wing FTP Server
Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server: <= 7.2.0.
network
low complexity
wftpserver CWE-863
8.8
8.8
2021-01-26 CVE-2020-27735 Cross-site Scripting vulnerability in Wftpserver Wing FTP Server 6.4.4
An XSS issue was discovered in Wing FTP 6.4.4.
network
low complexity
wftpserver CWE-79
6.1
6.1
2020-03-07 CVE-2020-9470 Incorrect Permission Assignment for Critical Resource vulnerability in Wftpserver Wing FTP Server
An issue was discovered in Wing FTP Server 6.2.5 before February 2020.
local
low complexity
wftpserver CWE-732
7.8
7.8
2020-03-07 CVE-2020-8635 Incorrect Permission Assignment for Critical Resource vulnerability in Wftpserver Wing FTP Server 6.2.3
Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files.
local
low complexity
wftpserver CWE-732
7.8
7.8
2020-03-07 CVE-2020-8634 Improper Preservation of Permissions vulnerability in Wftpserver Wing FTP Server 6.2.3
Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions.
local
low complexity
wftpserver CWE-281
7.8
7.8