Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forms project forms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34110
Flask-AppBuilder is an application development framework, built on top of Flask. Prior to version 4.3.2, an authenticated malicious actor with Admin privileges, could by adding a special character on the add, edit User forms trigger a database error, this error is surfaced back t...
Flask-appbuilder Project Flask-appbuilder
NA
CVE-2022-4397
A vulnerability was found in morontt zend-blog-number-2. It has been classified as problematic. Affected is an unknown function of the file application/forms/Comment.php of the component Comment Handler. The manipulation leads to cross-site request forgery. It is possible to laun...
Zend-blog-2 Project Zend-blog-2 -
5
CVSSv2
CVE-2022-31033
The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms. In versions before 2.8.5 the Authorization header is leaked after a redirect to a different port on ...
Mechanize Project Mechanize
Fedoraproject Fedora 35
Fedoraproject Fedora 36
4.6
CVSSv2
CVE-1999-0384
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
Microsoft Project 98
Microsoft Visual Basic 5.0
Microsoft Office 98
Microsoft Outlook 98
Microsoft Windows Nt
Microsoft Windows 2000
NA
CVE-2018-25055
A vulnerability was found in FarCry Solr Pro Plugin up to 1.5.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file packages/forms/solrProSearch.cfc of the component Search Handler. The manipulation of the argument suggesti...
Farcry Solr Pro Project Farcry Solr Pro
4
CVSSv2
CVE-2020-2251
Jenkins SoapUI Pro Functional Testing Plugin 1.5 and previous versions transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.
Jenkins Jenkins
Jenkins Soapui Pro Functional Testing
7.5
CVSSv2
CVE-2008-0556
Cross-site request forgery (CSRF) vulnerability in OpenCA PKI 0.9.2.5, and possibly earlier versions, allows remote malicious users to perform unauthorized actions as authorized users via a link or IMG tag to RAServer.
Openca Openca Pki
5
CVSSv2
CVE-2014-8493
ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote malicious users to modify the CWMP configuration via a crafted request to Forms/access_cwmp_1.
Zte Zxhn H108l Firmware 4.0.0d Zrq Gr4
2 EDB exploits
5
CVSSv2
CVE-2021-21405
Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized", and "compressed", meaning that BLS signatures can be provid...
NA
CVE-2022-32189
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go prior to 1.17.13 and 1.18.5, potentially allowing a denial of service.
Golang Go
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »