RSS   Podatności dla 'Rumpus ftp'   RSS

2020-02-10
 
CVE-2019-19668

CWE-352
 

 
A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.

 
 
CVE-2019-19670

NVD-CWE-Other
 

 
A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.

 
 
CVE-2019-19669

CWE-352
 

 
A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.

 
 
CVE-2019-19667

CWE-352
 

 
A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.

 
 
CVE-2019-19666

CWE-352
 

 
A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.

 
 
CVE-2019-19661

CWE-79
 

 
A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.

 

 >>> Vendor: Maxum 2 Produkty
Rumpus
Rumpus ftp


Copyright 2024, cxsecurity.com

 

Back to Top