Every CVE whose affected-product data names Maxum Rumpus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2008-7078 — CVSS 9.0 (critical): Multiple buffer overflows in Rumpus before 6.0.1 allow remote attackers to (1) cause a denial of service (segmentation fault) via a long…
CVE-2020-27574 — CVSS 8.8 (high): Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). If an authenticated user visits a malicious page…
CVE-2019-19659 — CVSS 8.8 (high): A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an…
CVE-2020-27575 — CVSS 8.8 (high): Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which…
CVE-2022-46370 — CVSS 7.3 (high): Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.
CVE-2022-46368 — CVSS 6.8 (medium): Rumpus - FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of…
CVE-2022-39187 — CVSS 6.8 (medium): Rumpus - FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.
CVE-2022-46367 — CVSS 6.8 (medium): Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.
CVE-2022-46369 — CVSS 6.8 (medium): Rumpus - FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified…
CVE-2020-12737 — CVSS 6.5 (medium): An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped…
CVE-2019-19665 — CVSS 6.5 (medium): A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in…
CVE-2019-19663 — CVSS 6.5 (medium): A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete…
CVE-2019-19660 — CVSS 6.5 (medium): A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an…
CVE-2020-8514 — CVSS 6.1 (medium): An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a directory name, it is possible to activate JavaScript in the context of…
CVE-2019-19368 — CVSS 6.1 (medium): A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by…
CVE-2020-27576 — CVSS 5.4 (medium): Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The…
CVE-2025-55056 — CVSS 4.8 (medium): Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')