Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mailform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-4706
Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension prior to 0.9.24 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sebastian Winterhalder Mailform 0.9.14
Sebastian Winterhalder Mailform 0.9.13
Sebastian Winterhalder Mailform 0.9.12
Sebastian Winterhalder Mailform 0.9.10
Sebastian Winterhalder Mailform
4.3
CVSSv2
CVE-2020-5552
Cross-site scripting vulnerability in mailform version 1.04 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mailform Mailform 1.04
10
CVSSv2
CVE-2020-5553
mailform version 1.04 allows remote malicious users to execute arbitrary PHP code via unspecified vectors.
Mailform Mailform 1.04
6.8
CVSSv2
CVE-2015-0883
SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote malicious users to execute arbitrary code via unspecified vectors.
Synck Graphica Mailform Pro Cgi 4.1.4
Synck Graphica Mailform Pro Cgi 4.1.5
NA
CVE-2023-27397
Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
Microengine Mailform
NA
CVE-2023-27507
MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
Microengine Mailform
7.5
CVSSv2
CVE-2010-4939
PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Scripts.bdr130 Mailform 1.2
1 EDB exploit
4.3
CVSSv2
CVE-2022-21805
Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated malicious user to inject an arbitrary script via unspecified vectors.
Econosys-system Php Mailform
NA
CVE-2023-32610
Mailform Pro CGI 4.3.1.2 and previous versions allows a remote unauthenticated malicious user to cause a denial-of-service (DoS) condition.
Synck Mailform Pro Cgi
NA
CVE-2022-38400
Mailform Pro CGI 4.3.1 and previous versions allow a remote unauthenticated malicious user to obtain the user input data by having a use of the product to access a specially crafted URL.
Synck Mailform Pro Cgi
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26101
buffer overflow
CVE-2022-26766
CVE-2022-46689
CVE-2024-26124
CVE-2024-26059
firmware
hard-coded
CVE-2024-26118
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »