Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mailform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-21805
Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated malicious user to inject an arbitrary script via unspecified vectors.
Econosys-system Php Mailform
5
CVSSv2
CVE-2000-0877
mailform.pl CGI script in MailForm 2.0 allows remote malicious users to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.
Ranson Johnson Mailform 2.0
NA
CVE-2023-40599
Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and previous versions, which allows a remote unauthenticated malicious user to cause a denial-of-service condition. Affected add-ons are as follows: call/call.js, prefcodeadv/sear...
Synck Graphica Mailform Pro Cgi
4.3
CVSSv2
CVE-2014-3894
Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an HTTP Referer header.
Php Kobo Multifunctional Mailform Free
NA
CVE-2023-42040
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
4.3
CVSSv2
CVE-2007-6751
Cross-site scripting (XSS) vulnerability in the MailForm plugin prior to 1.20 for Movable Type allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
H-fj Mailform Plugin
H-fj Mailform Plugin 1.10
H-fj Mailform Plugin 1.00
6.8
CVSSv2
CVE-2007-0610
Cross-site scripting (XSS) vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote malicious users to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third par...
Cmsmadesimple Cms Made Simple 2.7
6.8
CVSSv2
CVE-2018-14268
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Foxitsoftware Phantompdf
Foxitsoftware Foxit Reader
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2