Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-form vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-11033
Applaud HCM 4.0.42+ uses HTML tag fields for HTML inputs in a form. This leads to an XSS vulnerability with a payload starting with the <iframe./> substring.
Applaudsolutions Applaud Hcm 4.0.42\\+
7.5
CVSSv2
CVE-2000-1187
Buffer overflow in the HTML parser for Netscape 4.75 and previous versions allows remote malicious users to execute arbitrary commands via a long password value in a form field.
Netscape Communicator
Netscape Navigator
4.3
CVSSv2
CVE-2021-21666
Jenkins Kiuwan Plugin 1.6.0 and previous versions does not escape query parameters in an error message for a form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.
Jenkins Kiuwan
4.3
CVSSv2
CVE-2020-2169
A form validation endpoint in Jenkins Queue cleanup Plugin 1.3 and previous versions does not properly escape a query parameter displayed in an error message, resulting in a reflected XSS vulnerability.
Jenkins Queue Cleanup
5
CVSSv2
CVE-2020-25766
An issue exists in MISP prior to 2.4.132. It can perform an unwanted action because of a POST operation on a form that is not linked to the login page.
Misp Misp
7.5
CVSSv2
CVE-2012-0801
lib/formslib.php in Moodle 2.1.x prior to 2.1.4 and 2.2.x prior to 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.1.3
Moodle Moodle 2.1.0
Moodle Moodle 2.2.0
NA
CVE-2023-41944
Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and previous versions does not escape the queue name parameter passed to a form validation URL, when rendering an error message, resulting in an HTML injection vulnerability.
Jenkins Aws Codecommit Trigger
4.3
CVSSv2
CVE-2017-7672
If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to upgrade to Apache Struts version 2.5.12.
Apache Struts 2.5.2
Apache Struts 2.5.10
Apache Struts 2.5.1
Apache Struts 2.5
Apache Struts 2.5.5
Apache Struts 2.5.10.1
Apache Struts 2.5.8
1 Github repository
1 Article
3.5
CVSSv2
CVE-2018-11549
An issue exists in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number, as demonstrated by a form[qq_10]= substring.
Wuzhicms Wuzhi Cms 4.1.0
6.8
CVSSv2
CVE-2019-1003007
A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and previous versions in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows malicious users to execute arbitrary code via a form validation HTTP endpoint.
Jenkins Warnings
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »