VYPR

Web File Manager

by Rumpus FTP Server

CVEs (2)

  • CVE-2019-19670MedFeb 10, 2020
    risk 0.40cvss 6.1epss 0.01

    A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.

  • CVE-2019-19661MedFeb 10, 2020
    risk 0.40cvss 6.1epss 0.01

    A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.