Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mailform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-4706
Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension prior to 0.9.24 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sebastian Winterhalder Mailform 0.9.14
Sebastian Winterhalder Mailform 0.9.13
Sebastian Winterhalder Mailform 0.9.12
Sebastian Winterhalder Mailform 0.9.10
Sebastian Winterhalder Mailform
4.3
CVSSv2
CVE-2020-5552
Cross-site scripting vulnerability in mailform version 1.04 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mailform Mailform 1.04
10
CVSSv2
CVE-2020-5553
mailform version 1.04 allows remote malicious users to execute arbitrary PHP code via unspecified vectors.
Mailform Mailform 1.04
6.8
CVSSv2
CVE-2015-0883
SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote malicious users to execute arbitrary code via unspecified vectors.
Synck Graphica Mailform Pro Cgi 4.1.4
Synck Graphica Mailform Pro Cgi 4.1.5
NA
CVE-2023-27397
Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
Microengine Mailform
NA
CVE-2023-27507
MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
Microengine Mailform
7.5
CVSSv2
CVE-2010-4939
PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Scripts.bdr130 Mailform 1.2
1 EDB exploit
4.3
CVSSv2
CVE-2022-22142
Reflected cross-site scripting vulnerability in the checkbox of php_mailform versions prior to Version 1.40 allows a remote unauthenticated malicious user to inject an arbitrary script via unspecified vectors.
Econosys-system Php Mailform
NA
CVE-2023-32610
Mailform Pro CGI 4.3.1.2 and previous versions allows a remote unauthenticated malicious user to cause a denial-of-service (DoS) condition.
Synck Mailform Pro Cgi
4.3
CVSSv2
CVE-2022-21805
Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated malicious user to inject an arbitrary script via unspecified vectors.
Econosys-system Php Mailform
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »