Vulnerabilities > Maxum > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-12 | CVE-2022-39187 | Cross-site Scripting vulnerability in Maxum Rumpus Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors. | 6.1 |
| 2023-01-12 | CVE-2022-46369 | Cross-site Scripting vulnerability in Maxum Rumpus Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields. | 5.4 |
| 2021-03-08 | CVE-2020-27575 | Command Injection vulnerability in Maxum Rumpus 8.2.13/8.2.14 Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. | 6.5 |
| 2021-03-08 | CVE-2020-27574 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.13/8.2.14 Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). | 6.8 |
| 2020-05-08 | CVE-2020-12737 | Path Traversal vulnerability in Maxum Rumpus An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. | 4.0 |
| 2020-02-10 | CVE-2019-19668 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html. | 4.3 |
| 2020-02-10 | CVE-2019-19670 | Unspecified vulnerability in Maxum Rumpus FTP 8.2.9.1 A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. network maxum | 4.3 |
| 2020-02-10 | CVE-2019-19669 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. | 5.8 |
| 2020-02-10 | CVE-2019-19667 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html. | 5.8 |
| 2020-02-10 | CVE-2019-19666 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. | 4.3 |