CVEDB API

Vulnerabilities

Vulnerable Software

Maxum: >> Rumpus >> 8.2.10 Security Vulnerabilities

CVE-2022-46367

Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.

CVSS Score

6.8

EPSS Score

0.0

Published

2023-01-12

CVE-2022-46368

Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.

CVSS Score

6.8

EPSS Score

0.001

Published

2023-01-12

CVE-2022-46369

Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.

CVSS Score

6.8

EPSS Score

0.001

Published

2023-01-12

CVE-2022-46370

Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.

CVSS Score

7.3

EPSS Score

0.0

Published

2023-01-12

CVE-2022-39187

Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.

CVSS Score

6.8

EPSS Score

0.001

Published

2023-01-12

CVE-2020-8514

An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the context of the web application after invoking the rename folder functionality.

CVSS Score

6.1

EPSS Score

0.003

Published

2020-02-02

Page 1

Vulnerabilities

Vulnerable Software

Maxum: >> Rumpus >> 8.2.10 Security Vulnerabilities

Products

Pricing

Contact Us