Lucene search
K

115 matches found

NVD
NVD
added 2020/02/10 6:15 p.m.19 views

CVE-2019-19670

A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html...

6.1CVSS6.2AI score0.00724EPSS
Exploits1References2
OSV
OSV
added 2020/02/10 6:15 p.m.4 views

CVE-2019-19667

A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html...

5.4CVSS6.1AI score0.00374EPSS
Exploits0References2
OSV
OSV
added 2020/02/10 6:15 p.m.6 views

CVE-2019-19670

A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html...

6.1CVSS6.4AI score0.00724EPSS
Exploits1References2
NVD
NVD
added 2020/02/10 6:15 p.m.20 views

CVE-2019-19669

A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html...

6.5CVSS6.5AI score0.00435EPSS
Exploits0References2
OSV
OSV
added 2020/02/10 6:15 p.m.6 views

CVE-2019-19666

A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html...

4.3CVSS5.8AI score0.00379EPSS
Exploits0References2
OSV
OSV
added 2020/02/10 6:15 p.m.4 views

CVE-2019-19661

A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp...

6.1CVSS6.4AI score0.00766EPSS
Exploits0References2
NVD
NVD
added 2020/02/10 6:15 p.m.26 views

CVE-2019-19666

A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html...

4.3CVSS4.7AI score0.00379EPSS
Exploits0References2
Prion
Prion
added 2020/02/10 6:15 p.m.16 views

Cross site scripting

A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html...

4.3CVSS6.2AI score0.00724EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2020/02/10 6:15 p.m.18 views

Cross site scripting

A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp...

4.3CVSS6AI score0.00766EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/02/10 6:15 p.m.12 views

Cross site request forgery (csrf)

A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html...

5.8CVSS5.5AI score0.00374EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/02/10 6:3 p.m.19 views

CVE-2019-19668

A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html...

4.6AI score0.00379EPSS
Exploits0References2
CVE
CVE
added 2020/02/10 6:3 p.m.56 views

CVE-2019-19668

CVE-2019-19668 concerns a CSRF vulnerability in the File Types component of Web File Manager used by Rumpus FTP 8.2.9.1. The issue arises from requests made via RAPR/TriggerServerFunction.html that enable an attacker to add or delete file types configured on the server. Affected product features ...

4.3CVSS4.6AI score0.00379EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/02/10 5:59 p.m.58 views

CVE-2019-19669

CVE-2019-19669 affects Rumpus FTP 8.2.9.1 through the Web File Manager’s Upload Center Forms Component. The CSRF vulnerability allows an attacker to delete, create, and update upload forms via the RAPR/TriggerServerFunction.html endpoint. The affected functionality is the Upload Center Forms Comp...

6.5CVSS6.4AI score0.00435EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/02/10 5:54 p.m.20 views

CVE-2019-19670

A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html...

6.2AI score0.00724EPSS
Exploits1References2
CVE
CVE
added 2020/02/10 5:54 p.m.61 views

CVE-2019-19670

CVE-2019-19670 affects the Web Settings component of the Web File Manager in Rumpus FTP Server 8.2.9.1. The issue is an HTTP Response Splitting vulnerability that can enable stored XSS and defacement through crafted headers sent to RAPR/WebSettingsGeneralSet.html. Multiple connected sources corro...

6.1CVSS6.1AI score0.00724EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/02/10 5:45 p.m.22 views

CVE-2019-19667

A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html...

5.5AI score0.00374EPSS
Exploits0References2
CVE
CVE
added 2020/02/10 5:45 p.m.62 views

CVE-2019-19667

CVE-2019-19667 describes a CSRF flaw in the Block Clients component of Web File Manager for Rumpus FTP 8.2.9.1. The vulnerability could let an attacker cause a target server to whitelist or block arbitrary IP addresses via the RAPR/BlockedClients.html interface. Affected product is Rumpus FTP’s W...

5.8CVSS5.4AI score0.00374EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/02/10 5:38 p.m.26 views

CVE-2019-19666

A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html...

4.7AI score0.00379EPSS
Exploits0References2
CVE
CVE
added 2020/02/10 5:38 p.m.56 views

CVE-2019-19666

CVE-2019-19666 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create or update event notices via the URL RAPR/EventNoticesSet.html. The connected Red Hat, CNVD/CVE records corroborate the same de...

4.3CVSS4.7AI score0.00379EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/02/10 5:15 p.m.4 views

CVE-2019-19662

A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html...

6.5CVSS6.6AI score0.00435EPSS
Exploits0References2
Rows per page
Query Builder