Vulnerability Details CVE-2007-4555
Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to create a new admin account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065441.html
- http://osvdb.org/37961
- http://secunia.com/advisories/26529
- http://securityreason.com/securityalert/3068
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36237
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065441.html
- http://osvdb.org/37961
- http://secunia.com/advisories/26529
- http://securityreason.com/securityalert/3068
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36237
Products affected by CVE-2007-4555
-
cpe:2.3:a:ipswitch:ws_ftp:1.0.5
-
cpe:2.3:a:ipswitch:ws_ftp:12.0
-
cpe:2.3:a:ipswitch:ws_ftp:12.0.1
-
cpe:2.3:a:ipswitch:ws_ftp:12.2
-
cpe:2.3:a:ipswitch:ws_ftp:12.3
-
cpe:2.3:a:ipswitch:ws_ftp:12.6.0.3
-
cpe:2.3:a:ipswitch:ws_ftp:2.01
-
cpe:2.3:a:ipswitch:ws_ftp:2.02
-
cpe:2.3:a:ipswitch:ws_ftp:2.03
-
cpe:2.3:a:ipswitch:ws_ftp:2007
-
cpe:2.3:a:ipswitch:ws_ftp:2007.0.0.2
-
cpe:2.3:a:ipswitch:ws_ftp:2007.1.0.0
-
cpe:2.3:a:ipswitch:ws_ftp:3.0
-
cpe:2.3:a:ipswitch:ws_ftp:3.0.1
-
cpe:2.3:a:ipswitch:ws_ftp:3.1.0
-
cpe:2.3:a:ipswitch:ws_ftp:3.1.1
-
cpe:2.3:a:ipswitch:ws_ftp:3.1.2
-
cpe:2.3:a:ipswitch:ws_ftp:3.1.3
-
cpe:2.3:a:ipswitch:ws_ftp:3.14
-
cpe:2.3:a:ipswitch:ws_ftp:4.00
-
cpe:2.3:a:ipswitch:ws_ftp:4.01
-
cpe:2.3:a:ipswitch:ws_ftp:4.02
-
cpe:2.3:a:ipswitch:ws_ftp:5.00
-
cpe:2.3:a:ipswitch:ws_ftp:5.01
-
cpe:2.3:a:ipswitch:ws_ftp:5.02
-
cpe:2.3:a:ipswitch:ws_ftp:5.03
-
cpe:2.3:a:ipswitch:ws_ftp:5.04
-
cpe:2.3:a:ipswitch:ws_ftp:5.05
-
cpe:2.3:a:ipswitch:ws_ftp:6.0
-
cpe:2.3:a:ipswitch:ws_ftp:6.1
-
cpe:2.3:a:ipswitch:ws_ftp:7.5.29.0