Rumpus Security Vulnerabilities and Issues — Rumpus CVE List

Lucene search

MaxumRumpus

6 matches found

CVE•added 2020/05/08 4:15 p.m.•126 views

CVE-2020-12737

An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.

6.5CVSS6.3AI score0.00536EPSS

CVE•added 2020/02/02 3:15 p.m.•79 views

CVE-2020-8514

An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the context of the web application after invoking the rename folder functionality.

6.1CVSS6.2AI score0.00288EPSS

CVE•added 2020/02/10 4:15 p.m.•41 views

CVE-2019-19659

A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html.

8.8CVSS8.7AI score0.00177EPSS

CVE•added 2020/02/10 4:15 p.m.•40 views

CVE-2019-19665

A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.

6.5CVSS6.5AI score0.00161EPSS

CVE•added 2020/02/10 4:15 p.m.•39 views

CVE-2019-19660

A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html.

6.5CVSS6.5AI score0.00161EPSS

CVE•added 2020/02/10 4:15 p.m.•38 views

CVE-2019-19663

A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.

6.5CVSS6.4AI score0.00161EPSS