CVE Tools

maxum

Consumer Softwarecommercial

23

Cumulative CVEs

3

Monthly snapshots

#36

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting maxum.

CVE-2025-55059CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')4.8Nov 17, 2025
CVE-2025-55058CWE-20 Improper Input Validation4.5Nov 17, 2025
CVE-2025-55057Multiple CWE-352 Cross-Site Request Forgery (CSRF)4.5Nov 17, 2025
CVE-2025-55056Multiple CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')4.8Nov 17, 2025
CVE-2025-55055CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')6.8Nov 17, 2025
CVE-2022-46370Rumpus - FTP server Improper Token Verification 7.3Jan 12, 2023
CVE-2022-46369Rumpus - FTP server Persistent cross-site scripting (PXSS) – Unspecified vector6.8Jan 12, 2023
CVE-2022-46368Rumpus - FTP server Cross-site request forgery (CSRF) – Create user6.8Jan 12, 2023
CVE-2022-46367Rumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalation6.8Jan 12, 2023
CVE-2022-39187Rumpus - FTP server Reflected cross-site scripting (RXSS)6.8Jan 12, 2023
CVE-2020-27576Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored ...5.4Mar 8, 2021
CVE-2020-27575Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form ...8.8Mar 8, 2021
CVE-2020-27574Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). If an authenticated user visits a malicious page, unintended actions could be performed in the web application as th...8.8Mar 8, 2021
CVE-2020-12737An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.6.5May 8, 2020
CVE-2019-19668A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/Trigge...4.3Feb 10, 2020