Vulnerabilities > Maxum

DATE CVE VULNERABILITY TITLE RISK
2023-01-12 CVE-2022-39187 Cross-site Scripting vulnerability in Maxum Rumpus
Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.
network
low complexity
maxum CWE-79
6.1
2023-01-12 CVE-2022-46367 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus
Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
network
low complexity
maxum CWE-352
8.8
2023-01-12 CVE-2022-46368 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.
network
low complexity
maxum CWE-352
8.8
2023-01-12 CVE-2022-46369 Cross-site Scripting vulnerability in Maxum Rumpus
Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.
network
low complexity
maxum CWE-79
5.4
2023-01-12 CVE-2022-46370 Insufficient Verification of Data Authenticity vulnerability in Maxum Rumpus
Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.
network
low complexity
maxum CWE-345
7.5
2021-03-08 CVE-2020-27576 Cross-site Scripting vulnerability in Maxum Rumpus 8.2.13/8.2.14
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS).
network
low complexity
maxum CWE-79
5.4
2021-03-08 CVE-2020-27575 OS Command Injection vulnerability in Maxum Rumpus 8.2.13/8.2.14
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability.
network
low complexity
maxum CWE-78
8.8
2021-03-08 CVE-2020-27574 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.13/8.2.14
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF).
network
low complexity
maxum CWE-352
8.8
2020-05-08 CVE-2020-12737 Path Traversal vulnerability in Maxum Rumpus
An issue was discovered in Maxum Rumpus before 8.2.12 on macOS.
network
low complexity
maxum CWE-22
6.5
2020-02-10 CVE-2019-19668 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1
A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.
network
low complexity
maxum CWE-352
4.3