CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results...

5.4CVSS6.1AI score0.10123EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 8:50 a.m.•4 views

CVE-2024-37764

MachForm up to version 19 is affected by an authenticated stored cross-site scripting...

5.4CVSS6.4AI score0.07136EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 8:50 a.m.•4 views

CVE-2024-37762

MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution...

9.9CVSS7.4AI score0.28046EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 8:50 a.m.•4 views

CVE-2024-37765

Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page...

8.8CVSS7.7AI score0.11056EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 7:6 p.m.•3 views

CVE-2021-20105

Machform prior to version 16 is vulnerable to an open redirect in Safariinit.php due to an improperly sanitized 'ref' parameter...

6.1CVSS6.8AI score0.00215EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:6 p.m.•5 views

CVE-2021-20103

Machform prior to version 16 is vulnerable to stored cross-site scripting due to insufficient sanitization of file attachments uploaded with forms through upload.php...

6.1CVSS6AI score0.0024EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:6 p.m.•5 views

CVE-2021-20101

Machform prior to version 16 is vulnerable to HTTP host header injection due to improperly validated host headers. This could cause a victim to receive malformed content...

6.1CVSS7AI score0.0024EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:6 p.m.•8 views

CVE-2021-20104

Machform prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php...

8.1CVSS8AI score0.01291EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:16 p.m.•6 views

CVE-2021-20102

Machform prior to version 16 is vulnerable to cross-site request forgery due to a lack of CSRF tokens in place...

8.8CVSS6.8AI score0.00145EPSS

Exploits0References1

RedhatCVE•added 2025/02/06 2:32 a.m.•2 views

CVE-2025-24636

Cross-Site Request Forgery CSRF vulnerability in Rick Laymance MachForm Shortcode machform-shortcode allows Stored XSS.This issue affects MachForm Shortcode: from n/a through = 1.4.1...

7.1CVSS7.2AI score0.00104EPSS

Exploits0References1

NVD•added 2025/01/24 6:15 p.m.•5 views

CVE-2025-24636

Cross-Site Request Forgery CSRF vulnerability in Rick Laymance MachForm Shortcode machform-shortcode allows Stored XSS.This issue affects MachForm Shortcode: from n/a through = 1.4.1...

7.1CVSS0.00104EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by