Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-form vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-4679
Internet Explorer 6 for Windows XP Service Pack 2 allows remote malicious users to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site.
Microsoft Ie 6
NA
CVE-2008-6907
Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated b...
2532gigs 2532gigs 1.2.2
1 EDB exploit
5.5
CVSSv3
CVE-2021-34560
In PEPPERL+FUCHS WirelessHART-Gateway <= 3.0.9 a form contains a password field with autocomplete enabled. The stored credentials can be captured by an attacker who gains control over the user's computer. Therefore the user must have logged in at least once.
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth Firmware
Pepperl-fuchs Wha-gw-f2d2-0-as-z2-eth.eip Firmware
NA
CVE-2011-4274
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile prior to 3.1 plug-ins for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.
Ark-web A-form Pc
Ark-web A-form Pc Mobile
NA
CVE-2015-5493
The Entityform Block module 7.x-1.x prior to 7.x-1.3 for Drupal does not properly check permissions when a form is locked to a role, which allows remote malicious users to obtain access to certain entityforms via unspecified vectors.
Entityform Block Project Entityform Block 7.x-1.2
Entityform Block Project Entityform Block 7.x-1.1
Entityform Block Project Entityform Block 7.x-1.x-dev
Entityform Block Project Entityform Block 7.x-1.0
4.3
CVSSv3
CVE-2022-1695
The WP Simple Adsense Insertion WordPress plugin prior to 2.1 does not perform CSRF checks on updates to its admin page, allowing an malicious user to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form.
Tipsandtricks-hq Wp Simple Adsense Insertion
9.8
CVSSv3
CVE-2018-11325
An issue exists in Joomla! Core prior to 3.8.8. The web install application would autofill password fields after either a form validation error or navigating to a previous install step, and display the plaintext password for the administrator account at the confirmation screen.
Joomla Joomla\\!
5.4
CVSSv3
CVE-2020-2244
Jenkins Build Failure Analyzer Plugin 1.27.0 and previous versions does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indica...
Jenkins Build Failure Analyzer
9.8
CVSSv3
CVE-2021-38145
An issue exists in Form Tools up to and including 3.0.20. SQL Injection can occur via the export_group_id field when a low-privileged user (client) tries to export a form with data, e.g., manipulation of modules/export_manager/export.php?export_group_id=1&export_group_1_resul...
Formtools Core
NA
CVE-2013-4594
The Payment for Webform module 7.x-1.x prior to 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.
Payment For Webform Project Payment For Webform 7.x-1.5
Payment For Webform Project Payment For Webform 7.x-1.2
Payment For Webform Project Payment For Webform 7.x-1.4
Payment For Webform Project Payment For Webform 7.x-1.0
Payment For Webform Project Payment For Webform 7.x-1.1
Payment For Webform Project Payment For Webform 7.x-1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »