Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
maxum vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2020-27574
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user.
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
312
VMScore
CVE-2020-27576
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability.
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
578
VMScore
CVE-2020-27575
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
668
VMScore
CVE-2001-0644
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow malicious users to gain privileges on the server.
Maxum Development Corporation Rumpus Ftp Server 1.3.2
Maxum Development Corporation Rumpus Ftp Server 1.3.3
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server
215
VMScore
CVE-2001-0706
Maximum Rumpus FTP Server 2.0.3 dev and before allows an malicious user to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 1.3.5
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
Maxum Development Corporation Rumpus Ftp Server 1.3.2
1 EDB exploit
505
VMScore
CVE-2001-0646
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote malicious user to perform a denial of service (hang) by creating a directory name of a specific length.
Maxum Development Corporation Rumpus Ftp Server 1.3.2
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
1 EDB exploit
NA
CVE-2022-46367
Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
Maxum Rumpus
NA
CVE-2022-46368
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.
Maxum Rumpus
NA
CVE-2022-46369
Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.
Maxum Rumpus
356
VMScore
CVE-2020-12737
An issue exists in Maxum Rumpus prior to 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.
Maxum Rumpus
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »