VYPR

Rumpus

by Rumpus

CVEs (8)

  • CVE-2007-0019Jan 19, 2007
    risk 0.03cvss epss 0.04

    Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and earlier (1) allow remote authenticated users to execute arbitrary code via a long LIST command and other unspecified requests to the FTP service, and (2) allow remote attackers to execute arbitrary code via…

  • CVE-2022-46370Jan 12, 2023
    risk 0.00cvss epss 0.00

    Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.

  • CVE-2019-19669Feb 10, 2020
    risk 0.00cvss epss 0.00

    A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.

  • CVE-2019-19666Feb 10, 2020
    risk 0.00cvss epss 0.00

    A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.

  • CVE-2019-19665Feb 10, 2020
    risk 0.00cvss epss 0.00

    A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.

  • CVE-2019-19663Feb 10, 2020
    risk 0.00cvss epss 0.00

    A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.

  • CVE-2007-0366Jan 19, 2007
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in Rumpus 5.1 and earlier allows local users to gain privileges via a modified PATH that points to a malicious ipfw program.

  • CVE-2007-0367Jan 19, 2007
    risk 0.00cvss epss 0.00

    Rumpus 5.1 and earlier has weak permissions for certain files and directories under /usr/local/Rumpus, including the configuration file, which allows local users to have an unknown impact by creating, modifying, or deleting files.