Shodan
Vulnerabilities
Vulnerable Software
Maxum:  >> Rumpus  >> 8.2.9.1  Security Vulnerabilities
CVE-2022-46367
Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
CVSS Score
6.8
EPSS Score
0.0
Published
2023-01-12
CVE-2022-46368
Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.
CVSS Score
6.8
EPSS Score
0.001
Published
2023-01-12
CVE-2022-46369
Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.
CVSS Score
6.8
EPSS Score
0.001
Published
2023-01-12
CVE-2022-46370
Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.
CVSS Score
7.3
EPSS Score
0.0
Published
2023-01-12
CVE-2022-39187
Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.
CVSS Score
6.8
EPSS Score
0.001
Published
2023-01-12
CVE-2019-19660
A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19663
A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19665
A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19659
A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html.
CVSS Score
8.8
EPSS Score
0.002
Published
2020-02-10
CVE-2019-19368
A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts
CVSS Score
6.1
EPSS Score
0.756
Published
2019-12-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved