Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mailform vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2022-38400
Mailform Pro CGI 4.3.1 and previous versions allow a remote unauthenticated malicious user to obtain the user input data by having a use of the product to access a specially crafted URL.
Synck Mailform Pro Cgi
NA
CVE-2000-0877
mailform.pl CGI script in MailForm 2.0 allows remote malicious users to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.
Ranson Johnson Mailform 2.0
7.5
CVSSv3
CVE-2023-40599
Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and previous versions, which allows a remote unauthenticated malicious user to cause a denial-of-service condition. Affected add-ons are as follows: call/call.js, prefcodeadv/sear...
Synck Graphica Mailform Pro Cgi
NA
CVE-2014-3894
Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an HTTP Referer header.
Php Kobo Multifunctional Mailform Free
NA
CVE-2023-42040
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
NA
CVE-2007-6751
Cross-site scripting (XSS) vulnerability in the MailForm plugin prior to 1.20 for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
H-fj Mailform Plugin
H-fj Mailform Plugin 1.10
H-fj Mailform Plugin 1.00
NA
CVE-2007-0610
Cross-site scripting (XSS) vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote malicious users to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third par...
Cmsmadesimple Cms Made Simple 2.7
8.8
CVSSv3
CVE-2018-14268
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2