harshit-shukla

24 exploits Active since Dec 2019
CVE-2019-19659 WRITEUP HIGH WRITEUP
Rumpus FTP Server 8.2.9.1 - Cross-Site Request Forgery in Web File Manager Edit Accounts
A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html.
CVSS 8.8
CVE-2019-19661 WRITEUP MEDIUM WRITEUP
Rumpus FTP Server 8.2.9.1 - Unauthenticated Reflected Cross-Site Scripting via Cookie
A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.
CVSS 6.1
CVE-2019-19662 WRITEUP MEDIUM WRITEUP
Rumpus FTP Server 8.2.9.1 - Cross-Site Request Forgery via Web File Manager Account Management
A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.
CVSS 6.5
CVE-2019-19663 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Folder Sets Settings
A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.
CVSS 6.5
CVE-2019-19664 WRITEUP HIGH WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Web Settings
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.
CVSS 7.1
CVE-2019-19665 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in FTP Settings
A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.
CVSS 6.5
CVE-2019-19666 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Event Notices Settings
A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.
CVSS 4.3
CVE-2019-19667 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Block Clients Component
A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.
CVSS 5.4
CVE-2019-19668 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in File Types Component
A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.
CVSS 4.3
CVE-2019-19669 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery via Upload Center Forms Component
A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.
CVSS 6.5
CVE-2019-19670 WRITEUP MEDIUM WRITEUP
Rumpus FTP Server 8.2.9.1 - HTTP Response Splitting via ExtraHTTPHeader
A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.
CVSS 6.1
CVE-2019-19368 INTHEWILD MEDIUM WRITEUP
Rumpus FTP Web File Manager 8.2.9.1 - XSS
A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts
CVSS 6.1
CVE-2019-19659 WRITEUP HIGH WRITEUP
Rumpus FTP Server 8.2.9.1 - Cross-Site Request Forgery in Web File Manager Edit Accounts
A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html.
CVSS 8.8
CVE-2019-19660 WRITEUP MEDIUM WRITEUP
Rumpus FTP Server 8.2.9.1 - Cross-Site Request Forgery via Network Settings
A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html.
CVSS 6.5
CVE-2019-19661 WRITEUP MEDIUM WRITEUP
Rumpus FTP Server 8.2.9.1 - Unauthenticated Reflected Cross-Site Scripting via Cookie
A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.
CVSS 6.1
CVE-2019-19662 WRITEUP MEDIUM WRITEUP
Rumpus FTP Server 8.2.9.1 - Cross-Site Request Forgery via Web File Manager Account Management
A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.
CVSS 6.5
CVE-2019-19663 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Folder Sets Settings
A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.
CVSS 6.5
CVE-2019-19664 WRITEUP HIGH WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Web Settings
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.
CVSS 7.1
CVE-2019-19665 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in FTP Settings
A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.
CVSS 6.5
CVE-2019-19666 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Event Notices Settings
A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.
CVSS 4.3
CVE-2019-19667 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in Block Clients Component
A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.
CVSS 5.4
CVE-2019-19668 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in File Types Component
A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.
CVSS 4.3
CVE-2019-19669 WRITEUP MEDIUM WRITEUP
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery via Upload Center Forms Component
A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.
CVSS 6.5
CVE-2019-19670 WRITEUP MEDIUM WRITEUP
Rumpus FTP Server 8.2.9.1 - HTTP Response Splitting via ExtraHTTPHeader
A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.
CVSS 6.1