CVE-2020-27576

Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting XSS. Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability...

CVE-2020-27575

Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...

Command injection

Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...

Cross site scripting

Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting XSS. Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability...

CVE-2020-27576

Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting XSS. Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability...

CVE-2020-27574

Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery CSRF. If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user...

Maxum Rumpus 跨站脚本漏洞

Maxum Rumpus is an FTP and Web file transfer server. Maxum Rumpus 8.2.13, 8.2.14 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to inject and execute JavaScript code...

Maxum Rumpus 跨站请求伪造漏洞

Maxum Rumpus is an FTP and Web file transfer server. A cross-site request forgery vulnerability exists in Maxum Rumpus 8.2.13, 8.2.14, which can be exploited by an attacker to perform an operation as an authenticated user by tricking a user into visiting a malicious page...

Maxum Rumpus 命令注入漏洞

Maxum Rumpus is an FTP and Web file transfer server. A command injection vulnerability exists in a parameter of the Edit User form in Maxum Rumpus 8.2.13, 8.2.14, which can be exploited by an attacker to inject arbitrary commands...

No title provided

The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password...