Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rumpus vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-27574
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user.
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
8.8
CVSSv3
CVE-2020-27575
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
5.4
CVSSv3
CVE-2020-27576
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability.
Maxum Rumpus 8.2.13
Maxum Rumpus 8.2.14
NA
CVE-2001-0644
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow malicious users to gain privileges on the server.
Maxum Development Corporation Rumpus Ftp Server 1.3.2
Maxum Development Corporation Rumpus Ftp Server 1.3.3
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server
NA
CVE-2001-0706
Maximum Rumpus FTP Server 2.0.3 dev and before allows an malicious user to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders.
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 1.3.5
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
Maxum Development Corporation Rumpus Ftp Server 1.3.2
1 EDB exploit
NA
CVE-2001-0646
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote malicious user to perform a denial of service (hang) by creating a directory name of a specific length.
Maxum Development Corporation Rumpus Ftp Server 1.3.2
Maxum Development Corporation Rumpus Ftp Server 1.3.4
Maxum Development Corporation Rumpus Ftp Server 2.0.3dev
1 EDB exploit
8.8
CVSSv3
CVE-2022-46367
Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
Maxum Rumpus
8.8
CVSSv3
CVE-2022-46368
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.
Maxum Rumpus
5.4
CVSSv3
CVE-2022-46369
Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.
Maxum Rumpus
7.5
CVSSv3
CVE-2022-46370
Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.
Maxum Rumpus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »