Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forms vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2007-0880
Capital Request Forms stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database credentials via a direct request for inc/common_db.inc.
Capital Request Forms Capital Request Forms
356
VMScore
CVE-2016-0369
XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.
Ibm Forms Experience Builder 8.5
Ibm Forms Experience Builder 8.5.1
Ibm Forms Experience Builder 8.6.0
445
VMScore
CVE-2017-3067
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.
Adobe Experience Manager Forms 6.2
Adobe Experience Manager Forms 6.1
Adobe Experience Manager Forms 6.0
383
VMScore
CVE-2019-8089
Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager Forms 6.3
Adobe Experience Manager Forms 6.5
Adobe Experience Manager Forms 6.4
383
VMScore
CVE-2019-7129
Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Adobe Experience Manager Forms 6.3
Adobe Experience Manager Forms 6.2
Adobe Experience Manager Forms 6.4
312
VMScore
CVE-2016-6001
IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources.
Ibm Forms Experience Builder 8.6.0
Ibm Forms Experience Builder 8.5
Ibm Forms Experience Builder 8.5.1
NA
CVE-2023-28413
Directory traversal vulnerability in Snow Monkey Forms versions v5.0.6 and previous versions allows a remote unauthenticated malicious user to obtain sensitive information, alter the website, or cause a denial-of-service (DoS) condition.
Snow Monkey Forms Project Snow Monkey Forms
356
VMScore
CVE-2022-31041
Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / ...). The input validat...
Maykinmedia Open Forms
Maykinmedia Open Forms 1.1.0
516
VMScore
CVE-2022-31040
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to ...
Maykinmedia Open Forms
Maykinmedia Open Forms 1.10
801
VMScore
CVE-2021-37531
SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, contains an XSLT vulnerability which allows a non-administrative authenticated malicious user to craft a malicious XSL stylesheet file containing a script with OS-level commands, copy it i...
Sap Netweaver Knowledge Management Xml Forms 7.10
Sap Netweaver Knowledge Management Xml Forms 7.11
Sap Netweaver Knowledge Management Xml Forms 7.30
Sap Netweaver Knowledge Management Xml Forms 7.31
Sap Netweaver Knowledge Management Xml Forms 7.40
Sap Netweaver Knowledge Management Xml Forms 7.50
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »