Search
Find a vulnerability
Search criteria
16 vulnerabilities found for rumpus_ftp by maxum
CVE-2019-19668 (GCVE-0-2019-19668)
Vulnerability from nvd – Published: 2020-02-10 18:03 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T18:03:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19668",
"datePublished": "2020-02-10T18:03:50.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19670 (GCVE-0-2019-19670)
Vulnerability from nvd – Published: 2020-02-10 17:54 – Updated: 2024-08-05 02:25
VLAI
Summary
A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19670.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:54:08.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19670.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19670.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19670.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19670",
"datePublished": "2020-02-10T17:54:08.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19669 (GCVE-0-2019-19669)
Vulnerability from nvd – Published: 2020-02-10 17:59 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:11.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:59:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19669",
"datePublished": "2020-02-10T17:59:24.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:11.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19667 (GCVE-0-2019-19667)
Vulnerability from nvd – Published: 2020-02-10 17:45 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19667.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:45:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19667.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19667.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19667.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19667",
"datePublished": "2020-02-10T17:45:35.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19666 (GCVE-0-2019-19666)
Vulnerability from nvd – Published: 2020-02-10 17:38 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19666.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:38:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19666.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19666.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19666.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19666",
"datePublished": "2020-02-10T17:38:58.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19661 (GCVE-0-2019-19661)
Vulnerability from nvd – Published: 2020-02-10 17:29 – Updated: 2024-08-05 02:25
VLAI
Summary
A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19661%20%28Un-authenticated%29.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:29:52.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19661%20%28Un-authenticated%29.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19661%20(Un-authenticated).md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19661%20(Un-authenticated).md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19661",
"datePublished": "2020-02-10T17:29:52.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19664 (GCVE-0-2019-19664)
Vulnerability from nvd – Published: 2020-02-10 16:44 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:11.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19664.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T16:44:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19664.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19664.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19664.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19664",
"datePublished": "2020-02-10T16:44:15.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:11.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19662 (GCVE-0-2019-19662)
Vulnerability from nvd – Published: 2020-02-10 16:49 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:11.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19662.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Web File Manager\u0027s Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T16:49:17.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19662.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Web File Manager\u0027s Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19662.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19662.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19662",
"datePublished": "2020-02-10T16:49:17.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:11.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19668 (GCVE-0-2019-19668)
Vulnerability from cvelistv5 – Published: 2020-02-10 18:03 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T18:03:50.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19668.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19668",
"datePublished": "2020-02-10T18:03:50.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19669 (GCVE-0-2019-19669)
Vulnerability from cvelistv5 – Published: 2020-02-10 17:59 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:11.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:59:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19669.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19669",
"datePublished": "2020-02-10T17:59:24.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:11.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19670 (GCVE-0-2019-19670)
Vulnerability from cvelistv5 – Published: 2020-02-10 17:54 – Updated: 2024-08-05 02:25
VLAI
Summary
A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19670.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:54:08.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19670.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19670",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19670.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19670.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19670",
"datePublished": "2020-02-10T17:54:08.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19667 (GCVE-0-2019-19667)
Vulnerability from cvelistv5 – Published: 2020-02-10 17:45 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19667.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:45:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19667.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19667.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19667.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19667",
"datePublished": "2020-02-10T17:45:35.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19666 (GCVE-0-2019-19666)
Vulnerability from cvelistv5 – Published: 2020-02-10 17:38 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19666.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:38:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19666.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19666.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19666.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19666",
"datePublished": "2020-02-10T17:38:58.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19661 (GCVE-0-2019-19661)
Vulnerability from cvelistv5 – Published: 2020-02-10 17:29 – Updated: 2024-08-05 02:25
VLAI
Summary
A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19661%20%28Un-authenticated%29.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T17:29:52.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19661%20%28Un-authenticated%29.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19661%20(Un-authenticated).md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19661%20(Un-authenticated).md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19661",
"datePublished": "2020-02-10T17:29:52.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:12.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19662 (GCVE-0-2019-19662)
Vulnerability from cvelistv5 – Published: 2020-02-10 16:49 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:11.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19662.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Web File Manager\u0027s Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T16:49:17.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19662.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Web File Manager\u0027s Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19662.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19662.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19662",
"datePublished": "2020-02-10T16:49:17.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:11.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19664 (GCVE-0-2019-19664)
Vulnerability from cvelistv5 – Published: 2020-02-10 16:44 – Updated: 2024-08-05 02:25
VLAI
Summary
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/harshit-shukla/CVE | x_refsource_MISC |
| https://github.com/harshit-shukla/CVE/blob/master… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:11.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19664.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-10T16:44:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19664.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/harshit-shukla/CVE",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE"
},
{
"name": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19664.md",
"refsource": "MISC",
"url": "https://github.com/harshit-shukla/CVE/blob/master/CVE-2019-19664.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19664",
"datePublished": "2020-02-10T16:44:15.000Z",
"dateReserved": "2019-12-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:25:11.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}