Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maxum vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-27575
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
8.8
CVSSv3
CVE-2020-27574
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user.
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
5.4
CVSSv3
CVE-2020-27576
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability.
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
NA
CVE-2001-0644
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow malicious users to gain privileges on the server.
Maxum Development Corporation Rumpus Ftp Server 1.3.2
Maxum Development Corporation Rumpus Ftp Server 1.3.3
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server
NA
CVE-2001-0706
Maximum Rumpus FTP Server 2.0.3 dev and before allows an malicious user to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 1.3.5
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
Maxum Development Corporation Rumpus Ftp Server 1.3.2
1 EDB exploit
NA
CVE-2001-0646
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote malicious user to perform a denial of service (hang) by creating a directory name of a specific length.
Maxum Development Corporation Rumpus Ftp Server 1.3.2
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
1 EDB exploit
6.5
CVSSv3
CVE-2020-12737
An issue exists in Maxum Rumpus prior to 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.
Maxum Rumpus
6.1
CVSSv3
CVE-2022-39187
Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.
Maxum Rumpus
8.8
CVSSv3
CVE-2022-46367
Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
Maxum Rumpus
8.8
CVSSv3
CVE-2022-46368
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.
Maxum Rumpus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »