Maxum

A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts

Rumpus – FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow bypassing identity verification.

Rumpus – FTP server version 9.0.7.1 Persistent cross-site scripting (PXSS) – vulnerability may allow inserting scripts into unspecified input fields.

Rumpus – FTP server version 9.0.7.1 Cross-site request forgery (CSRF) – vulnerability may allow unauthorized action on behalf of authenticated users.

Rumpus – FTP server Cross-site request forgery (CSRF) – Privilege escalation vulnerability that may allow privilege escalation.

Rumpus – FTP server version 9.0.7.1 has a Reflected cross-site scripting (RXSS) vulnerability through unspecified vectors.