Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mailform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-4706
Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension prior to 0.9.24 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sebastian Winterhalder Mailform 0.9.14
Sebastian Winterhalder Mailform 0.9.13
Sebastian Winterhalder Mailform 0.9.12
Sebastian Winterhalder Mailform 0.9.10
Sebastian Winterhalder Mailform
4.3
CVSSv2
CVE-2020-5552
Cross-site scripting vulnerability in mailform version 1.04 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mailform Mailform 1.04
10
CVSSv2
CVE-2020-5553
mailform version 1.04 allows remote malicious users to execute arbitrary PHP code via unspecified vectors.
Mailform Mailform 1.04
6.8
CVSSv2
CVE-2015-0883
SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote malicious users to execute arbitrary code via unspecified vectors.
Synck Graphica Mailform Pro Cgi 4.1.4
Synck Graphica Mailform Pro Cgi 4.1.5
NA
CVE-2023-27397
Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
Microengine Mailform
NA
CVE-2023-27507
MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
Microengine Mailform
7.5
CVSSv2
CVE-2010-4939
PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Scripts.bdr130 Mailform 1.2
1 EDB exploit
NA
CVE-2023-32610
Mailform Pro CGI 4.3.1.2 and previous versions allows a remote unauthenticated malicious user to cause a denial-of-service (DoS) condition.
Synck Mailform Pro Cgi
4.3
CVSSv2
CVE-2022-22142
Reflected cross-site scripting vulnerability in the checkbox of php_mailform versions prior to Version 1.40 allows a remote unauthenticated malicious user to inject an arbitrary script via unspecified vectors.
Econosys-system Php Mailform
5
CVSSv2
CVE-2000-0877
mailform.pl CGI script in MailForm 2.0 allows remote malicious users to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.
Ranson Johnson Mailform 2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »