Maxum

maxum

29 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (29)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-19664 1Maxum 1Rumpus Ftp Nov 21, 2024 Feb 10, 2020 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.
CVE-2019-19662 1Maxum 1Rumpus Ftp Nov 21, 2024 Feb 10, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.
CVE-2019-19665 1Maxum 1Rumpus Nov 21, 2024 Feb 10, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.
CVE-2019-19663 1Maxum 1Rumpus Nov 21, 2024 Feb 10, 2020 N/A· v4 6.5 MEDIUM· v3 5.8 MEDIUM· v2 A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.
CVE-2019-19660 1Maxum 1Rumpus Nov 21, 2024 Feb 10, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkS...Show more A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html.Show less
CVE-2019-19659 1Maxum 1Rumpus Nov 21, 2024 Feb 10, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details,...Show more A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html.Show less
CVE-2020-8514 1Maxum 1Rumpus Nov 21, 2024 Feb 2, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the context of the web application after invoking the rename folder functionality.
CVE-2019-19368 1Maxum 1Rumpus Nov 21, 2024 Dec 16, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts
CVE-2008-7078 1Maxum 1Rumpus Apr 23, 2026 Aug 25, 2009 N/A· v4 N/A· v3 9.0 HIGH· v2 Multiple buffer overflows in Rumpus before 6.0.1 allow remote attackers to (1) cause a denial of service (segmentation fault) via a long HTTP verb in the HTTP component; and allow remote authenticated users to execute ar...Show more Multiple buffer overflows in Rumpus before 6.0.1 allow remote attackers to (1) cause a denial of service (segmentation fault) via a long HTTP verb in the HTTP component; and allow remote authenticated users to execute arbitrary code via a long argument to the (2) MKD, (3) XMKD, (4) RMD, and other unspecified commands in the FTP component.Show less