Known Vulnerabilities for products from Maxum
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Maxum".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-46370 json | Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification. | 7.5 - HIGH | 2023-01-12 | 2023-01-20 |
| CVE-2022-46369 json | Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into... | 5.4 - MEDIUM | 2023-01-12 | 2023-01-20 |
| CVE-2022-46368 json | Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on beha... | 8.8 - HIGH | 2023-01-12 | 2023-01-20 |
| CVE-2022-46367 json | Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalat... | 8.8 - HIGH | 2023-01-12 | 2023-01-20 |
| CVE-2022-39187 json | Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors. | 6.1 - MEDIUM | 2023-01-12 | 2023-01-20 |
| CVE-2020-27576 json | Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web applica... | 5.4 - MEDIUM | 2021-03-08 | 2021-03-11 |
| CVE-2020-27575 json | Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionalit... | 8.8 - HIGH | 2021-03-08 | 2021-07-21 |
| CVE-2020-27574 json | Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). If an authenticated user visits a malicious ... | 8.8 - HIGH | 2021-03-08 | 2021-03-12 |
| CVE-2020-12737 json | An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double... | 6.5 - MEDIUM | 2020-05-08 | 2020-05-13 |
| CVE-2020-8514 json | An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the... | 6.1 - MEDIUM | 2020-02-02 | 2021-09-08 |
| CVE-2019-19670 json | A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server... | 6.1 - MEDIUM | 2020-02-10 | 2020-02-11 |
| CVE-2019-19669 json | A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow ... | 6.5 - MEDIUM | 2020-02-10 | 2020-02-11 |
| CVE-2019-19668 json | A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to ... | 4.3 - MEDIUM | 2020-02-10 | 2020-02-11 |
| CVE-2019-19667 json | A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an atta... | 5.4 - MEDIUM | 2020-02-10 | 2020-02-11 |
| CVE-2019-19666 json | A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/u... | 4.3 - MEDIUM | 2020-02-10 | 2020-02-11 |
| CVE-2019-19665 json | A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability... | 6.5 - MEDIUM | 2020-02-10 | 2020-02-11 |
| CVE-2019-19664 json | A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability... | 7.1 - HIGH | 2020-02-10 | 2020-02-24 |
| CVE-2019-19663 json | A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to... | 6.5 - MEDIUM | 2020-02-10 | 2020-02-10 |
| CVE-2019-19662 json | A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By e... | 6.5 - MEDIUM | 2020-02-10 | 2020-02-24 |
| CVE-2019-19661 json | A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and ... | 6.1 - MEDIUM | 2020-02-10 | 2023-11-07 |
Known software with vulnerabilities from Maxum
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Maxum | Rumpus | 8.2.10 |
| Application | Maxum | Rumpus Ftp | 8.1 |