Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-form vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-1003007
A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and previous versions in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows malicious users to execute arbitrary code via a form validation HTTP endpoint.
Jenkins Warnings
NA
CVE-2002-0580
WorkforceROI Xpede 4.1 allows remote malicious users to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the malicious user to more easily conduct brute force password guessing attacks.
Workforceroi Xpede 4.1
5.4
CVSSv3
CVE-2021-38144
An issue exists in Form Tools up to and including 3.0.20. A low-privileged user can trigger Reflected XSS when a viewing a form via the submission_id parameter, e.g., clients/forms/edit_submission.php?form_id=1&view_id=1&submission_id=[XSS].
Formtools Core
7.2
CVSSv3
CVE-2021-24628
The Wow Forms WordPress plugin up to and including 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection
Wow-company Wow Forms
NA
CVE-2010-1126
The JavaScript implementation in WebKit allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
Apple Webkit
4
CVSSv3
CVE-2016-0382
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. IBM X-Force ID: 112356.
Ibm Tealeaf Consumer Experience 8.8.1
Ibm Tealeaf Consumer Experience 9.0
Ibm Tealeaf Consumer Experience 9.0.2
Ibm Tealeaf Consumer Experience 8.7.0
Ibm Tealeaf Consumer Experience 8.7.1
Ibm Tealeaf Consumer Experience 8.8.0
Ibm Tealeaf Consumer Experience 8.7
Ibm Tealeaf Consumer Experience 9.0.1
Ibm Tealeaf Consumer Experience 8.8
Ibm Tealeaf Consumer Experience 8.8.2
NA
CVE-2023-37531
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an malicious user to execute malicious javascript code into a form field of a webpage by a user with privileged access.
NA
CVE-2011-0217
Apple Safari prior to 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote malicious users to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields.
Apple Safari 1.3.1
Apple Safari 1.2.2
Apple Safari 1.3.2
Apple Safari 1.1.1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 5.0.1
Apple Safari 2.0.4
Apple Safari 3.0.3b
Apple Safari 2
Apple Safari 3.1.1
Apple Safari 3.0.1b
Apple Safari 3.1.0b
Apple Safari 3.1.0
Apple Safari 3.1.2
Apple Safari 5.0.4
Apple Safari 2.0.1
Apple Safari 2.0.3
Apple Safari 1.3.0
Apple Safari 1.0.3
Apple Safari 1.0.2
Apple Safari 1.0
NA
CVE-2005-3699
Opera Web Browser 8.50 and 8.0 up to and including 8.0.2 allows remote malicious users to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site.
Opera Opera Browser 8.0
Opera Opera Browser 8.01
Opera Opera Browser 8.02
Opera Opera Browser 8.50
5.5
CVSSv3
CVE-2021-34560
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user's computer. Therefore the user must have logged in at least once.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »