Product
progress ws ftp server
35 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2024-7745
< 8.8.8
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor Authentication of the Web Transfer Modu
6.5
MEDIUM
CVE-2024-7744
< 8.8.8
In WS_FTP Server versions before 8.8.8 (2022.0.8), an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal
6.5
MEDIUM
CVE-2024-1474
< 8.8.5
In WS_FTP Server versions before 8.8.5, reflected cross-site scripting issues have been identified on various user supplied inputs
7.5
HIGH
CVE-2023-42659
< 8.7.6
In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc
9.1
CRITICAL
CVE-2023-42657
< 8.7.4
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could levera
9.9
CRITICAL
CVE-2023-40049
< 8.8.2
In WS_FTP Server version prior to 8.8.2, an unauthenticated user could enumerate files under the 'WebServiceHost' directory list
5.3
MEDIUM
CVE-2023-40048
< 8.8.2
In WS_FTP Server version prior to 8.8.2, the WS_FTP Server Manager interface was missing cross-site request forgery (CSRF) prote
6.8
MEDIUM
CVE-2023-40047
< 8.8.2
In WS_FTP Server version prior to 8.8.2, a stored cross-site scripting (XSS) vulnerability exists in WS_FTP Server's Management m
8.3
HIGH
CVE-2023-40046
< 8.7.4
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a SQL injection vulnerability exists in the WS_FTP Server manager interface.
8.2
HIGH
CVE-2023-40045
< 8.7.4
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a reflected cross-site scripting (XSS) vulnerability exists in WS_FTP Server
8.3
HIGH
CVE-2023-40044
< 8.7.4
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerabili
10.0
CRITICAL
CVE-2022-27665
all versions
Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to executi
6.1
MEDIUM
CVE-2023-24029
< 8.8
In Progress WS_FTP Server before 8.8, it is possible for a host administrator to elevate their privileges via the administrative i
7.2
HIGH
CVE-2019-12146
< 8.6.1
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers hav
9.1
CRITICAL
CVE-2019-12145
< 8.6.1
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker c
7.5
HIGH
CVE-2019-12144
< 8.6.1
An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to ab
9.8
CRITICAL
CVE-2019-12143
< 8.6.1
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker c
5.3
MEDIUM
CVE-2008-0590
all versions
Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash)
CVE-2007-0666
all versions
Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the
CVE-2006-5001
<= 5.05
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prev
CVE-2006-5000
all versions
Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and
CVE-2006-4974
all versions
Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long respon
CVE-2006-4847
<= 5.05
Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary cod
CVE-2004-1135
all versions
Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via
CVE-2004-1885
all versions
Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command t
CVE-2004-1883
all versions
Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causin
CVE-2004-1848
all versions
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrict
CVE-2004-1643
all versions
WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an in
CVE-2004-1884
all versions
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain a
CVE-2003-0772
all versions
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arb
CVE-2002-0826
all versions
Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD comman
CVE-2001-1021
all versions
Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLS
CVE-1999-1171
all versions
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry k
CVE-1999-0362
all versions
WS_FTP server remote denial of service through cwd command.
CVE-1999-1170
all versions
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry ke
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin