Progress: >> Ws Ftp Server >> 6.1.0.0 Security Vulnerabilities
In WS_FTP Server versions prior to 8.7.4 and 8.8.2,
a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Ad Hoc Transfer module. An attacker could leverage this vulnerability to target WS_FTP Server users with a specialized payload which results in the execution of malicious JavaScript within the context of the victims browser.
CVSS Score
8.3
EPSS Score
0.0
Published
2023-09-27
In Progress WS_FTP Server before 8.8, it is possible for a host administrator to elevate their privileges via the administrative interface due to insufficient authorization controls applied on user modification workflows.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-02-03
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WS_FTP usernames as well as filenames.
CVSS Score
5.3
EPSS Score
0.0
Published
2019-06-11
Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long opendir command.
CVSS Score
9.0
EPSS Score
0.023
Published
2008-02-05
Page 2