Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In February 2020
CVE-2019-19670
A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-02-10
CVE-2019-19661
A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19666
A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19662
A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19664
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.
CVSS Score
7.1
EPSS Score
0.002
Published
2020-02-10
CVE-2013-2108
WordPress WP Cleanfix Plugin 2.4.4 has CSRF
CVSS Score
5.4
EPSS Score
0.002
Published
2020-02-10
CVE-2013-2109
WordPress plugin wp-cleanfix has Remote Code Execution
CVSS Score
8.8
EPSS Score
0.004
Published
2020-02-10
CVE-2019-19660
A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19663
A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19665
A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved