Known Vulnerabilities for products from Wftpserver
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Wftpserver".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-44403 json | Wing FTP Server before 8.1.3 contains an authenticated remote code execution vulnerability in the session serialization mecha... | Not Provided | 2026-05-12 | 2026-05-14 |
| CVE-2023-37881 json | Weak access control in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FTP Server:... | 8.8 - HIGH | 2023-09-12 | 2023-09-15 |
| CVE-2023-37879 json | Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation.This issue affe... | 7.5 - HIGH | 2023-09-12 | 2023-09-15 |
| CVE-2023-37878 json | Insecure default permissions in Wing FTP Server (Admin Web Client) allows for privilege escalation.This issue affects Wing FT... | 8.8 - HIGH | 2023-09-12 | 2023-09-14 |
| CVE-2023-37875 json | Improper encoding or escaping of output in Wing FTP Server (User Web Client) allows Cross-Site Scripting (XSS).This issue aff... | 5.4 - MEDIUM | 2023-09-12 | 2023-09-14 |
| CVE-2020-27735 json | An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted li... | 6.1 - MEDIUM | 2021-01-26 | 2021-02-02 |
| CVE-2020-9470 json | An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure permissions when handling session cook... | 7.8 - HIGH | 2020-03-07 | 2021-07-21 |
| CVE-2020-8635 json | Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration ... | 7.8 - HIGH | 2020-03-07 | 2021-07-21 |
| CVE-2020-8634 json | Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file managem... | 7.8 - HIGH | 2020-03-07 | 2020-03-09 |
| CVE-2015-4108 json | Multiple cross-site request forgery (CSRF) vulnerabilities in Wing FTP Server before 4.4.7 allow remote attackers to hijack t... | Not Provided | 2015-06-10 | 2026-05-06 |
| CVE-2012-4729 json | Wing FTP Server before 4.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via two zip comman... | Not Provided | 2012-10-26 | 2026-04-29 |
| CVE-2010-2428 json | Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Wind... | Not Provided | 2010-06-24 | 2026-04-29 |
| CVE-2009-0351 json | Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows remote authenticated users to execute arbitrary code via a ... | Not Provided | 2009-01-29 | 2026-04-23 |
| CVE-2008-5666 json | WinFTP FTP Server 2.3.0, when passive (aka PASV) mode is used, allows remote authenticated users to cause a denial of service... | Not Provided | 2008-12-19 | 2026-04-23 |
Known software with vulnerabilities from Wftpserver
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Wftpserver | Wing Ftp Server | 1.1 |