CVE-2010-2428
24.06.2010, 12:17
Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request.
| Vendor | Product | Version |
|---|---|---|
| wftpserver | wing_ftp_server | 𝑥 ≤ 3.5.0 |
| wftpserver | wing_ftp_server | 1.1 |
| wftpserver | wing_ftp_server | 1.2 |
| wftpserver | wing_ftp_server | 1.3 |
| wftpserver | wing_ftp_server | 1.4 |
| wftpserver | wing_ftp_server | 1.5 |
| wftpserver | wing_ftp_server | 1.6 |
| wftpserver | wing_ftp_server | 2.0 |
| wftpserver | wing_ftp_server | 2.1 |
| wftpserver | wing_ftp_server | 2.3 |
| wftpserver | wing_ftp_server | 2.4 |
| wftpserver | wing_ftp_server | 3.0.0 |
| wftpserver | wing_ftp_server | 3.1.0 |
| wftpserver | wing_ftp_server | 3.1.2 |
| wftpserver | wing_ftp_server | 3.2.0 |
| wftpserver | wing_ftp_server | 3.2.4 |
| wftpserver | wing_ftp_server | 3.2.8 |
| wftpserver | wing_ftp_server | 3.3.0 |
| wftpserver | wing_ftp_server | 3.3.4 |
| wftpserver | wing_ftp_server | 3.3.5 |
| wftpserver | wing_ftp_server | 3.4.0 |
| wftpserver | wing_ftp_server | 3.4.1 |
| wftpserver | wing_ftp_server | 3.4.2 |
| wftpserver | wing_ftp_server | 3.4.3 |
| wftpserver | wing_ftp_server | 3.4.5 |
𝑥
= Vulnerable software versions
References