Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maxum vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-27575
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
5.4
CVSSv3
CVE-2020-27576
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability.
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
8.8
CVSSv3
CVE-2020-27574
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user.
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
NA
CVE-2001-0644
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow malicious users to gain privileges on the server.
Maxum Development Corporation Rumpus Ftp Server 1.3.2
Maxum Development Corporation Rumpus Ftp Server 1.3.3
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server
NA
CVE-2001-0706
Maximum Rumpus FTP Server 2.0.3 dev and before allows an malicious user to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 1.3.5
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
Maxum Development Corporation Rumpus Ftp Server 1.3.2
1 EDB exploit
NA
CVE-2001-0646
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote malicious user to perform a denial of service (hang) by creating a directory name of a specific length.
Maxum Development Corporation Rumpus Ftp Server 1.3.2
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
1 EDB exploit
7.5
CVSSv3
CVE-2022-46370
Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.
Maxum Rumpus
NA
CVE-2008-7078
Multiple buffer overflows in Rumpus prior to 6.0.1 allow remote malicious users to (1) cause a denial of service (segmentation fault) via a long HTTP verb in the HTTP component; and allow remote authenticated users to execute arbitrary code via a long argument to the (2) MKD, (3)...
Maxum Rumpus
1 EDB exploit
8.8
CVSSv3
CVE-2022-46368
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.
Maxum Rumpus
5.4
CVSSv3
CVE-2022-46369
Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.
Maxum Rumpus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »