Rumpus@* Security Vulnerabilities and Issues — Rumpus@* CVE List

Lucene search

MaxumRumpus*

7 matches found

CVE•added 2020/05/08 4:15 p.m.•126 views

CVE-2020-12737

An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.

6.5CVSS6.3AI score0.00536EPSS

CVE•added 2023/01/12 4:15 p.m.•34 views

CVE-2022-46369

Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.

6.8CVSS5.5AI score0.00057EPSS

CVE•added 2023/01/12 4:15 p.m.•34 views

CVE-2022-46370

Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.

7.5CVSS7.4AI score0.00024EPSS

CVE•added 2023/01/12 4:15 p.m.•33 views

CVE-2022-46368

Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.

8.8CVSS7.8AI score0.00053EPSS

CVE•added 2023/01/12 4:15 p.m.•32 views

CVE-2022-46367

Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.

8.8CVSS8.1AI score0.00047EPSS

CVE•added 2009/08/25 10:30 a.m.•28 views

CVE-2008-7078

Multiple buffer overflows in Rumpus before 6.0.1 allow remote attackers to (1) cause a denial of service (segmentation fault) via a long HTTP verb in the HTTP component; and allow remote authenticated users to execute arbitrary code via a long argument to the (2) MKD, (3) XMKD, (4) RMD, and other u...

9CVSS8AI score0.40086EPSS

CVE•added 2023/01/12 4:15 p.m.•27 views

CVE-2022-39187

Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.

6.8CVSS6.1AI score0.00059EPSS