134 matches found
Sql injection
SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element2 parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element2 parameter...
Unrestricted file upload
Unrestricted file upload vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in the upload form's directory in data/...
CVE-2013-4949
CVE-2013-4949 affects MachForm 2, specifically an unrestricted file upload vulnerability in view.php. An attacker can upload a PHP file and access it in the upload directory (data/), allowing remote code execution. The NVD summary cites MachForm 2 as vulnerable to arbitrary PHP execution via a cr...
CVE-2013-4950
Cross-site scripting XSS vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element2 parameter...
CVE-2013-4948
The CVE-2013-4948 entry details a SQL injection in Machform 2’s view.php, exploitable via the element_2 parameter. This allows remote attackers to execute arbitrary SQL commands, with a CVSS v2 base score of 7.5 (HIGH). The affected software and exact vulnerable component are Machform 2, specific...
CVE-2013-4948
SQL injection vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary SQL commands via the element2 parameter...
CVE-2013-4950
CVE-2013-4950 describes a cross-site scripting (XSS) vulnerability in Machform 2, specifically in the file/view handler view.php . The issue allows remote attackers to inject arbitrary web script or HTML by submitting input in the element_2 parameter. The provided documents do not specify affecte...
CVE-2013-4949
Unrestricted file upload vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in the upload form's directory in data/...
Machform Form Maker 2 XSS / Shell Upload / SQL Injection
Exploit Title: Machform form maker - Multiple Vulnerabilities Date: 2013 17 June Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.appnitro.com Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2 Special thanks to: Mormoroth Dork1: "Powered by...
Machform Form Maker 2 - Multiple Vulnerabilities
Exploit Title: Machform form maker - Multiple Vulnerabilities Date: 2013 17 June Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.appnitro.com Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2 Special thanks to: Mormoroth Dork1: "Powered by...
Machform Form Maker 2 - Multiple Vulnerabilities
Machform Form Maker 2 - Multiple Vulnerabilities Exploit Title: Machform form maker - Multiple Vulnerabilities Date: 2013 17 June Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.appnitro.com Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2...
MachForm Remote Shell Upload
| @@@@@@@@ @@@@@@@@@ @@ @@ @@@@@ @@ @@ @@@@@@@@ | | @ @ @ @ @ @ @ @ @ @ @ @ @ | | @ @ @ @ @ @ @ @ @ @ @ @ @ | | @ @ @@@ @ @ @ @ @ @ @ @ @ @ @ | | @@@@@@@@ @@@ @@@ @ @ @ @ @ @ @ @ @ @@@@@@@@ | | @ @ @ @ @ @ @ @ @ @ @ @ @ | | @ @ @ @ @ @ @ @ @ @ @ @ @ | | @ @ @ @ @ @ @ @ @ @ @ @ @@@ @ | | @@@@@@@@ ...
MachForm 2.4 Remote File Inclusion
=============================== MachForm.v2.4 RFI Vulnerability =============================== Vendor: http://canopus.oron.com/i755lr7evek7np4dpndrvbqcqhs3uj4igorbmlhaqwglgek3qc2old7whll7z4mlrtcyk73t/MachForm.v2.4.PHP.NULL-DGT.zip Date: 2012-1-27 Author : indoushka Exploit By indoushka...