CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-27575

Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.079

EPSS Ranking 91.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

http://maxum.com
https://tvrbk.github.io/cve/2021/03/07/rumpus.html
http://maxum.com
https://tvrbk.github.io/cve/2021/03/07/rumpus.html

Products affected by CVE-2020-27575

Maxum » Rumpus » Version: 8.2.13

cpe:2.3:a:maxum:rumpus:8.2.13
Maxum » Rumpus » Version: 8.2.14

cpe:2.3:a:maxum:rumpus:8.2.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27575

Products

Pricing

Contact Us