CVE-2010-1068
NetWin SurgeFTP 2.3a6 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allow remote attackers to inject arbitrary web script or HTML via the (1) domainid or (2) classid parameter in a class action.
Scores
EPSS
0.0029
EPSS Percentile
51.6%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
netwin/surgeftp
n/a/n/a
Timeline
Published
Mar 23, 2010
Tracked Since
Feb 18, 2026