Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
machform machform 4.2.3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-6410
An issue exists in Appnitro MachForm prior to 4.2.3. There is a download.php SQL injection via the q parameter.
Machform Machform 4.2.3
1 EDB exploit
5
CVSSv2
CVE-2018-6409
An issue exists in Appnitro MachForm prior to 4.2.3. The module in charge of serving stored files gets the path from the database. Modifying the name of the file to serve on the corresponding ap_form table leads to a path traversal vulnerability via the download.php q parameter.
Machform Machform 4.2.3
1 EDB exploit
7.5
CVSSv2
CVE-2018-6411
An issue exists in Appnitro MachForm prior to 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection.
Machform Machform 4.2.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started