CVE-2019-19669

MEDIUM

Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery via Upload Center Forms Component

Title source: llm

Description

A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.

References (2)

Core 2

Core References

Third Party Advisory x_refsource_misc

https://github.com/harshit-shukla/CVE

View Writeup ZIP pw:eip

Third Party Advisory x_refsource_misc

https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md

View Writeup ZIP pw:eip

Scores

CVSS v3 6.5

EPSS 0.0043

EPSS Percentile 34.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE

CWE-352

Status published

Products (1)

maxum/rumpus_ftp 8.2.9.1

Published Feb 10, 2020

Tracked Since Feb 18, 2026