Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forms vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2007-0880
Capital Request Forms stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database credentials via a direct request for inc/common_db.inc.
Capital Request Forms Capital Request Forms
4
CVSSv2
CVE-2016-0369
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.
Ibm Forms Experience Builder 8.5
Ibm Forms Experience Builder 8.5.1
Ibm Forms Experience Builder 8.6.0
4.3
CVSSv2
CVE-2019-7129
Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager Forms 6.3
Adobe Experience Manager Forms 6.2
Adobe Experience Manager Forms 6.4
4.3
CVSSv2
CVE-2019-8089
Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager Forms 6.3
Adobe Experience Manager Forms 6.5
Adobe Experience Manager Forms 6.4
5
CVSSv2
CVE-2017-3067
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.
Adobe Experience Manager Forms 6.2
Adobe Experience Manager Forms 6.1
Adobe Experience Manager Forms 6.0
3.5
CVSSv2
CVE-2016-6001
IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources.
Ibm Forms Experience Builder 8.6.0
Ibm Forms Experience Builder 8.5
Ibm Forms Experience Builder 8.5.1
NA
CVE-2023-28413
Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and previous versions allows a remote unauthenticated malicious user to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition.
Snow Monkey Forms Project Snow Monkey Forms
5.8
CVSSv2
CVE-2022-31040
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to ...
Maykinmedia Open Forms
Maykinmedia Open Forms 1.10
4
CVSSv2
CVE-2022-31041
Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / ...). The input validat...
Maykinmedia Open Forms
Maykinmedia Open Forms 1.1.0
9
CVSSv2
CVE-2021-37531
SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, contains an XSLT vulnerability which allows a non-administrative authenticated malicious user to craft a malicious XSL stylesheet file containing a script with OS-level commands, copy it i...
Sap Netweaver Knowledge Management Xml Forms 7.10
Sap Netweaver Knowledge Management Xml Forms 7.11
Sap Netweaver Knowledge Management Xml Forms 7.30
Sap Netweaver Knowledge Management Xml Forms 7.31
Sap Netweaver Knowledge Management Xml Forms 7.40
Sap Netweaver Knowledge Management Xml Forms 7.50
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »