Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mailform vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4706
Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension prior to 0.9.24 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sebastian Winterhalder Mailform 0.9.14
Sebastian Winterhalder Mailform 0.9.13
Sebastian Winterhalder Mailform 0.9.12
Sebastian Winterhalder Mailform 0.9.10
Sebastian Winterhalder Mailform
6.1
CVSSv3
CVE-2020-5552
Cross-site scripting vulnerability in mailform version 1.04 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mailform Mailform 1.04
9.8
CVSSv3
CVE-2020-5553
mailform version 1.04 allows remote malicious users to execute arbitrary PHP code via unspecified vectors.
Mailform Mailform 1.04
NA
CVE-2015-0883
SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote malicious users to execute arbitrary code via unspecified vectors.
Synck Graphica Mailform Pro Cgi 4.1.4
Synck Graphica Mailform Pro Cgi 4.1.5
9.8
CVSSv3
CVE-2023-27397
Unrestricted upload of file with dangerous type exists in MicroEngine Mailform version 1.1.0 to 1.1.8. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
Microengine Mailform
9.8
CVSSv3
CVE-2023-27507
MicroEngine Mailform version 1.1.0 to 1.1.8 contains a path traversal vulnerability. If the product's file upload function and server save option are enabled, a remote attacker may save an arbitrary file on the server and execute it.
Microengine Mailform
NA
CVE-2010-4939
PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Scripts.bdr130 Mailform 1.2
1 EDB exploit
6.1
CVSSv3
CVE-2022-22142
Reflected cross-site scripting vulnerability in the checkbox of php_mailform versions prior to Version 1.40 allows a remote unauthenticated malicious user to inject an arbitrary script via unspecified vectors.
Econosys-system Php Mailform
7.5
CVSSv3
CVE-2023-32610
Mailform Pro CGI 4.3.1.2 and previous versions allows a remote unauthenticated malicious user to cause a denial-of-service (DoS) condition.
Synck Mailform Pro Cgi
6.1
CVSSv3
CVE-2022-21805
Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated malicious user to inject an arbitrary script via unspecified vectors.
Econosys-system Php Mailform
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »