Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-form vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2006-0799
Microsoft Internet Explorer allows remote malicious users to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT subm...
Microsoft Internet Explorer 6.0.2900
NA
CVE-2023-0870
A form can be manipulated with cross-site request forgery in multiple versions of OpenNMS Meridian and Horizon. This can potentially allow an malicious user to gain access to confidential information and compromise integrity. The solution is to upgrade to Meridian 2023.1.1 or Hor...
Opennms Horizon
Opennms Meridian
Opennms Meridian 2023.1.0
6.8
CVSSv2
CVE-2009-4898
Cross-site request forgery (CSRF) vulnerability in TWiki prior to 4.3.2 allows remote malicious users to hijack the authentication of arbitrary users for requests that update pages, as demonstrated by a URL for a save script in the ACTION attribute of a FORM element, in conjuncti...
Twiki Twiki 4.0.5
Twiki Twiki 4.0.4
Twiki Twiki 4.0.3
Twiki Twiki 4.0.2
Twiki Twiki 4.2.4
Twiki Twiki 4.1.2
Twiki Twiki
Twiki Twiki 4.1.0
Twiki Twiki 4.0.1
Twiki Twiki 4.2.3
Twiki Twiki 4.2.2
Twiki Twiki 4.2.1
Twiki Twiki 4.2.0
Twiki Twiki 4.3.0
Twiki Twiki 4.1.1
Twiki Twiki 4.0.0
NA
CVE-2024-0710
The GP Unique ID plugin for WordPress is vulnerable to Unique ID Modification in all versions up to, and including, 1.5.5. This is due to insufficient input validation. This makes it possible for unauthenticated malicious users to tamper with the generation of a unique ID on a fo...
1 Github repository
NA
CVE-2024-2108
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an image title embedded into a form in all versions up to, and including, 3.8.0 due to insufficient input sanitization and outpu...
4
CVSSv2
CVE-2022-32154
Dashboards in Splunk Enterprise versions prior to 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to ...
Splunk Splunk
Splunk Splunk Cloud Platform
3.6
CVSSv2
CVE-2017-7761
The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the junction can be deleted b...
Mozilla Firefox
Mozilla Firefox Esr
NA
CVE-2022-0851
There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the proce...
Convert2rhel Project Convert2rhel -
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
9.3
CVSSv2
CVE-2009-1600
Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote malicious users to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document ...
Apple Safari
9.3
CVSSv2
CVE-2009-1598
Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote malicious users to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document...
Google Chrome -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »