245 matches found
PT-2023-14919 · Rumpus · Rumpus
Name of the Vulnerable Software and Affected Versions: Rumpus versions 9.0.7.1 Description: The issue is related to improper token verification, which may allow bypassing identity verification. Recommendations: For version 9.0.7.1, at the moment, there is no information about a newer version that...
Rumpus FTP Web File Manager 跨站请求伪造漏洞
Rumpus FTP Web File Manager is a file transfer server. A security vulnerability exists in Rumpus FTP Web File Manager that stems from a privilege escalation vulnerability that could allow privilege escalation...
CVE-2022-46369 Rumpus - FTP server Persistent cross-site scripting (PXSS) – Unspecified vector
Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting PXSS – vulnerability may allow inserting scripts into unspecified input fields...
CVE-2022-39187 Rumpus - FTP server Reflected cross-site scripting (RXSS)
Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting RXSS vulnerability through unspecified vectors...
CVE-2022-46367 Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation
Rumpus - FTP server Cross-site request forgery CSRF – Privilege escalation vulnerability that may allow privilege escalation...
CVE-2022-46368 Rumpus - FTP server Cross-site request forgery (CSRF) – Create user
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery CSRF – vulnerability may allow unauthorized action on behalf of authenticated users...
CVE-2022-46370 Rumpus - FTP server Improper Token Verification
Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification...
CVE-2022-46369 Rumpus - FTP server Persistent cross-site scripting (PXSS) – Unspecified vector
Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting PXSS – vulnerability may allow inserting scripts into unspecified input fields...
CVE-2022-39187 Rumpus - FTP server Reflected cross-site scripting (RXSS)
Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting RXSS vulnerability through unspecified vectors...
Maxum Rumpus Cross-Site Scripting Vulnerability (CNVD-2021-16356)
Maxum Rumpus is an FTP and Web file transfer server. Maxum Rumpus 8.2.13, 8.2.14 suffers from a cross-site scripting vulnerability that can be exploited by an attacker to inject and execute JavaScript code...
Maxum Rumpus Cross-Site Request Forgery Vulnerability
Maxum Rumpus is an FTP and Web file transfer server. A cross-site request forgery vulnerability exists in Maxum Rumpus 8.2.13, 8.2.14, which can be exploited by an attacker to perform an operation as an authenticated user by tricking a user into visiting a malicious page...
Maxum Rumpus Command Injection Vulnerability
Maxum Rumpus is an FTP and Web file transfer server. A command injection vulnerability exists in a parameter of the Edit User form in Maxum Rumpus 8.2.13, 8.2.14, which can be exploited by an attacker to inject arbitrary commands...
CVE-2020-27576
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting XSS. Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability...
CVE-2020-27575
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...
CVE-2020-27576
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting XSS. Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability...
CVE-2020-27575
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...
Cross site scripting
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting XSS. Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability...
Command injection
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation...
CVE-2020-27574
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery CSRF. If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user...
CVE-2020-27574
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery CSRF. If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user...