Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
a-form vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2019-1003007
A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and previous versions in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows malicious users to execute arbitrary code via a form validation HTTP endpoint.
Jenkins Warnings
312
VMScore
CVE-2021-38144
An issue exists in Form Tools up to and including 3.0.20. A low-privileged user can trigger Reflected XSS when a viewing a form via the submission_id parameter, e.g., clients/forms/edit_submission.php?form_id=1&view_id=1&submission_id=[XSS].
Formtools Core
668
VMScore
CVE-2002-0580
WorkforceROI Xpede 4.1 allows remote malicious users to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the malicious user to more easily conduct brute force password guessing attacks.
Workforceroi Xpede 4.1
578
VMScore
CVE-2021-24628
The Wow Forms WordPress plugin up to and including 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection
Wow-company Wow Forms
516
VMScore
CVE-2010-1126
The JavaScript implementation in WebKit allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
Apple Webkit
383
VMScore
CVE-2011-0217
Apple Safari prior to 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote malicious users to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields.
Apple Safari 1.3.1
Apple Safari 1.2.2
Apple Safari 1.3.2
Apple Safari 1.1.1
Apple Safari 1.0.0b2
Apple Safari 1.0.1
Apple Safari 5.0.1
Apple Safari 2.0.4
Apple Safari 3.0.3b
Apple Safari 2
Apple Safari 3.1.1
Apple Safari 3.0.1b
Apple Safari 3.1.0b
Apple Safari 3.1.0
Apple Safari 3.1.2
Apple Safari 5.0.4
Apple Safari 2.0.1
Apple Safari 2.0.3
Apple Safari 1.3.0
Apple Safari 1.0.3
Apple Safari 1.0.2
Apple Safari 1.0
NA
CVE-2023-37531
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an malicious user to execute malicious javascript code into a form field of a webpage by a user with privileged access.
187
VMScore
CVE-2016-0382
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. IBM X-Force ID: 112356.
Ibm Tealeaf Consumer Experience 8.8.1
Ibm Tealeaf Consumer Experience 9.0
Ibm Tealeaf Consumer Experience 9.0.2
Ibm Tealeaf Consumer Experience 8.7.0
Ibm Tealeaf Consumer Experience 8.7.1
Ibm Tealeaf Consumer Experience 8.8.0
Ibm Tealeaf Consumer Experience 8.7
Ibm Tealeaf Consumer Experience 9.0.1
Ibm Tealeaf Consumer Experience 8.8
Ibm Tealeaf Consumer Experience 8.8.2
445
VMScore
CVE-2005-3699
Opera Web Browser 8.50 and 8.0 up to and including 8.0.2 allows remote malicious users to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site.
Opera Opera Browser 8.0
Opera Opera Browser 8.01
Opera Opera Browser 8.02
Opera Opera Browser 8.50
383
VMScore
CVE-2011-4274
Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile prior to 3.1 plug-ins for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676.
Ark-web A-form Pc
Ark-web A-form Pc Mobile
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »