Vulmon
a-form vulnerabilities and exploits
668
VMScore
CVE-2021-24223
The N5 Upload Form WordPress plugin up to and including 1.0 suffers from an arbitrary file upload issue in a page where a Form from the plugin is embedded, as any file can be uploaded. The uploaded filename might be hard to guess as it's generated with md5(uniqid(rand())), howeve...
383
VMScore
CVE-2011-1059
Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome prior to 11.0.672.2 and other products, allows user-assisted remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via vectors tha...
Google Chrome
NA
CVE-2022-27546
HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim...
Hcltech Hcl Inotes 11.0.1
Hcltech Hcl Inotes 10.0.1
Hcltech Hcl Inotes 9.0.1
Hcltech Hcl Inotes 10.0
Hcltech Hcl Inotes 11.0
Hcltech Hcl Inotes 12.0
Hcltech Hcl Inotes 12.0.1
Hcltech Domino 10.0.1
Hcltech Domino 9.0.1
Hcltech Domino 11.0
Hcltech Domino 11.0.1
Hcltech Domino 9.0
Hcltech Domino 10.0
Hcltech Domino 12.0
Hcltech Domino 12.0.1
668
VMScore
CVE-2018-8850
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate input properly, allowing a malicious user to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended...
Philips E-alert Firmware
NA
CVE-2024-35205
The WPS Office (aka cn.wps.moffice_eng) application prior to 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a craf...
383
VMScore
CVE-2007-5934
The LOB functionality in PEAR MDB2 prior to 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote malicious users to use MDB2 as an indirect proxy or obtain sensitive information via a URL into a fo...
Pear Structures Datagrid Datasource Mdb2
383
VMScore
CVE-2021-29435
trestle-auth is an authentication plugin for the Trestle admin framework. A vulnerability in trestle-auth versions 0.4.0 and 0.4.1 allows a malicious user to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin ...
516
VMScore
CVE-2018-11041
Cloud Foundry UAA, versions later than 4.6.0 and before 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, all...
Pivotal Software Cloud Foundry Uaa-release
Pivotal Software Cloud Foundry Uaa
383
VMScore
CVE-2019-12741
XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library prior to 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing malicious users to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.ja...
Fhir Hapi Fhir
356
VMScore
CVE-2006-0799
Microsoft Internet Explorer allows remote malicious users to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT subm...
Microsoft Internet Explorer 6.0.2900