CVE-2025-65418

docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url...

CVE-2025-61313

The CVE-2025-61313 entry concerns a reflected XSS in the dfm-menu_markeralerts.php component of GmbH Mecury Managed Print Services (docuForm) version 11.11c. The vulnerability allows an attacker to execute arbitrary JavaScript in a user’s browser by injecting a crafted payload into an unfiltered ...

PT-2026-39611

Name of the Vulnerable Software and Affected Versions docuForm version 11.11c Description A reflected cross-site scripting XSS issue exists in the 'dfm-menu orderopt.php' component. This allows attackers to execute arbitrary JavaScript in a user's browser by injecting a crafted payload into an...

PT-2026-39608

A reflected cross-site scripted XSS vulnerability in the dfm-menu alerts.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

docuFORM Mercury WebApp 6.16a/5.20 Multiple XSS Vulnerabilities

No description provided by source. !-- docuFORM Mercury WebApp 6.16a/5.20 Multiple Cross-Site Scripting Vulnerabilities Vendor: docuFORM GmbH Product web page: http://www.docuform.de Affected version: 6.16a and 5.20 Summary: Unlimited options for production printing and customer solutions. Desc:...

docuFORM Mercury Multiple XSS Vulnerabilities

docuFORM Mercury is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

docuFORM Mercury WebApp 6.16a/5.20 Multiple XSS Vulnerabilities

Exploit for php platform in category web applications docuFORM Mercury WebApp 6.16a Multiple Cross-Site Scripting Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; alert1" / input type="hidd...

docuFORM Mercury WebApp 6.16a / 5.20 Cross Site Scripting

docuFORM Mercury WebApp 6.16a Multiple Cross-Site Scripting Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; alert1" / input type="hidden" name="aacfunc" value="...

docuFORM Mercury WebApp 6.16a5.20 - Multiple Cross-Site Scripting Vulnerabilities

docuFORM Mercury WebApp 6.16a5.20 - Multiple Cross-Site Scripting Vulnerabilities docuFORM Mercury WebApp 6.16a Multiple Cross-Site Scripting Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; alert1" / input type="hidden" name="aacfunc" value="O...

docuFORM Mercury WebApp 6.16a/5.20 Multiple Cross-Site Scripting Vulnerabilities

Summary Unlimited options for production printing and customer solutions. Description The Mercury Web Application suffers from multiple XSS vulnerabilities when parsing user input thru the GET parameter 'thisurl' and the POST parameter 'aasfunc' in fstate.php, flist.php, fjob.php and fheader.php...

docuFORM Mercury WebApp 6.16a/5.20 - Multiple Cross-Site Scripting Vulnerabilities

docuFORM Mercury WebApp 6.16a Multiple Cross-Site Scripting Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; alert1" / input type="hid...