Vulnerabilities > Maxum
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-12 | CVE-2022-39187 | Cross-site Scripting vulnerability in Maxum Rumpus Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors. | 6.1 |
2023-01-12 | CVE-2022-46367 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation. | 8.8 |
2023-01-12 | CVE-2022-46368 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users. | 8.8 |
2023-01-12 | CVE-2022-46369 | Cross-site Scripting vulnerability in Maxum Rumpus Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields. | 5.4 |
2023-01-12 | CVE-2022-46370 | Insufficient Verification of Data Authenticity vulnerability in Maxum Rumpus Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification. | 7.5 |
2021-03-08 | CVE-2020-27576 | Cross-site Scripting vulnerability in Maxum Rumpus 8.2.13/8.2.14 Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). | 5.4 |
2021-03-08 | CVE-2020-27575 | OS Command Injection vulnerability in Maxum Rumpus 8.2.13/8.2.14 Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. | 8.8 |
2021-03-08 | CVE-2020-27574 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.13/8.2.14 Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). | 8.8 |
2020-05-08 | CVE-2020-12737 | Path Traversal vulnerability in Maxum Rumpus An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. | 6.5 |
2020-02-10 | CVE-2019-19668 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html. | 4.3 |