Vulmon Recent Vulnerabilities Trends About Contact

mailform vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2020-5553
mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors....
Mailform
383
VMScore
CVE-2009-4706
Cross-site scripting (XSS) vulnerability in the Mailform (mailform) extension before 0.9.24 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
Sebastian WinterhalderMailform
445
VMScore
CVE-2000-0877
mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker....
Ranson JohnsonMailform
755
VMScore
CVE-2010-4939
PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the theme parameter....
Scripts.bdr130Mailform
NA
CVE-2020-5552
Cross-site scripting vulnerability in mailform version 1.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
Mailform
383
VMScore
CVE-2007-6751
Cross-site scripting (XSS) vulnerability in the MailForm plugin before 1.20 for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors....
H-fjMailform Plugin
383
VMScore
CVE-2014-3894
Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header....
Php KoboMultifunctional Mailform Free
605
VMScore
CVE-2015-0883
SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified vectors....
Synck GraphicaMailform Pro Cgi
605
VMScore
CVE-2007-0610
Cross-site scripting (XSS) vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote attackers to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party...
CmsmadesimpleCms Made Simple
605
VMScore
CVE-2018-14268
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
FoxitsoftwareFoxit ReaderPhantompdf
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-8142CVE-2019-17230compass-compile projectinjectCVE-2020-7619XML injectiondebian linuxlinuxfile uploadjscover projectCVE-2020-1728CVE-2020-3947CVE-2020-11107