Cross-Site Scripting Vulnerability in NetWin SurgeFTP
CVE-2010-1068

Currently unrated

Key Information:

Vendor

Netwin

Status
Surgeftp
Vendor
CVE Published:
23 March 2010

What is CVE-2010-1068?

The vulnerability in NetWin SurgeFTP 2.3a6 allows attackers to exploit the surgeftpmgr.cgi script by injecting malicious web scripts or HTML code via the domainid and classid parameters during specific class actions. This could lead to unauthorized script execution in users' browsers, compromising sensitive information and leading to further attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/38097
third-party-advisoryx_refsource_SECUNIA
http://www.exploit-db.com/exploits/11092
exploitx_refsource_EXPLOIT-DB
https://exchange.xforce.ibmcloud.com/vulnerabilities/55509
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.