Unrated severityNVD Advisory· Published Jun 24, 2010· Updated Apr 29, 2026
CVE-2010-2428
CVE-2010-2428
Description
Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted POST request.
Affected products
25cpe:2.3:a:wftpserver:wing_ftp_server:*:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:wftpserver:wing_ftp_server:*:*:*:*:*:*:*:*range: <=3.5.0
- cpe:2.3:a:wftpserver:wing_ftp_server:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:wftpserver:wing_ftp_server:3.4.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- archives.neohapsis.com/archives/bugtraq/2010-06/0031.htmlnvdExploit
- labs-werew01f.sectester.net/2010/06/wing-ftp-server-cross-site-scripting.htmlnvdExploit
- seclists.org/fulldisclosure/2010/Jun/128nvdExploit
- seclists.org/fulldisclosure/2010/Jun/49nvdExploit
- www.osvdb.org/65444nvd
- www.securityfocus.com/bid/40510nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/59094nvd
News mentions
0No linked articles in our index yet.