Filtered by vendor Maxum
Subscribe
Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-8514 | 2 Apple, Maxum | 2 Macos, Rumpus | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the context of the web application after invoking the rename folder functionality. | |||||
CVE-2019-19663 | 1 Maxum | 1 Rumpus | 2024-02-28 | 5.8 MEDIUM | 6.5 MEDIUM |
A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html. | |||||
CVE-2019-19660 | 1 Maxum | 1 Rumpus | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html. | |||||
CVE-2008-7078 | 1 Maxum | 1 Rumpus | 2024-02-28 | 9.0 HIGH | N/A |
Multiple buffer overflows in Rumpus before 6.0.1 allow remote attackers to (1) cause a denial of service (segmentation fault) via a long HTTP verb in the HTTP component; and allow remote authenticated users to execute arbitrary code via a long argument to the (2) MKD, (3) XMKD, (4) RMD, and other unspecified commands in the FTP component. |