Lucene search
K

68 matches found

Vulnrichment
Vulnrichment
added 2024/10/29 7:56 a.m.18 views

CVE-2024-50484 WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Mahlalela Multi Purpose Mail Form multi-purpose-mail-form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through = 1.0.2...

10CVSS5.9AI score0.00496EPSS
Exploits0References1
CVE
CVE
added 2024/10/29 7:56 a.m.58 views

CVE-2024-50484

CVE-2024-50484 : Unrestricted Upload of File with Dangerous Type in the WordPress plugin “Multi Purpose Mail Form” (Mahlamusa) allows uploading a web shell to the web server. Affected versions: 1.0.2 and earlier. The CVE entry notes an Arbitrary File Upload issue; the provided documents indicate ...

10CVSS5.9AI score0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/29 7:56 a.m.41 views

CVE-2024-50484 WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Mahlalela Multi Purpose Mail Form multi-purpose-mail-form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through = 1.0.2...

10CVSS0.00496EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.5 views

PT-2024-34261 · Unknown · Mahlamusa Multi Purpose Mail Form

Name of the Vulnerable Software and Affected Versions: Mahlamusa Multi Purpose Mail Form versions 1.0.2 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. Recommendations: For...

10CVSS6.9AI score0.00496EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/10/25 8:12 a.m.4 views

WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Multi Purpose Mail Form versions = 1.0.2...

10CVSS7AI score0.00496EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.19 views

WordPress Multi Purpose Mail Form Plugin <= 1.0.2 is vulnerable to Arbitrary File Upload

Software Multi Purpose Mail Form Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50484 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 3feda20596e4 Credits Bonds Required privilege...

10CVSS7.2AI score0.00496EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/05/22 4:3 p.m.6 views

DRUPAL-CONTRIB-2024-020

The Email Contact module provides email field display formatters that can display the field as a link to the contact form, or as an inline contact form. The module does not sufficiently handle restricted entity or field access to the mail sending form, when the "Email contact link" formatter is...

7.5CVSS6.7AI score0.0039EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:15 a.m.4 views

CVE-2023-42040

PDF-XChange Editor mailForm Use-After-Free Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

7.8CVSS6.1AI score0.0043EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2023/11/01 12:0 a.m.5 views

BaserCMS Code Injection Vulnerability

baserCMS is an enterprise-level content management system CMS from the baserCMS team. A code injection vulnerability exists in baserCMS versions 4.6.0 through 4.7.6, which stems from the application's failure to properly filter special elements of constructed snippets. An attacker can exploit the...

9.8CVSS7AI score0.00573EPSS
Exploits0References1
NVD
NVD
added 2023/10/30 9:15 p.m.24 views

CVE-2023-43792

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available...

9.8CVSS7.5AI score0.00573EPSS
Exploits0References2
Prion
Prion
added 2023/10/30 9:15 p.m.11 views

Code injection

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available...

5CVSS9.7AI score0.00573EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/30 8:0 p.m.13 views

CVE-2023-43792 baserCMS Code Injection Vulnerability in Mail Form Feature

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available...

5.3CVSS7.2AI score0.00573EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/10/30 8:0 p.m.27 views

CVE-2023-43792 baserCMS Code Injection Vulnerability in Mail Form Feature

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available...

5.3CVSS9.9AI score0.00573EPSS
Exploits0References2
CVE
CVE
added 2023/10/30 8:0 p.m.69 views

CVE-2023-43792

CVE-2023-43792 affects baserCMS, with a Code Injection vulnerability in the mail form for versions 4.6.0–4.7.6 caused by inadequate filtering of constructed snippets. The advisory notes no patched versions at publication, but subsequent records indicate fixes: upgrade to baserCMS 4.7.7 (and 4.8.0...

9.8CVSS7.4AI score0.00573EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/10/30 8:0 p.m.25 views

CVE-2023-43792 baserCMS Code Injection Vulnerability in Mail Form Feature

baserCMS is a website development framework. In versions 4.6.0 through 4.7.6, there is a Code Injection vulnerability in the mail form of baserCMS. As of time of publication, no known patched versions are available...

5.3CVSS5.8AI score0.00573EPSS
Exploits0References4
Veracode
Veracode
added 2023/10/30 7:12 a.m.8 views

Code Injection

basercms is vulnerable to Code Injection. The vulnerability is due to improper sanitization in Mail Form Feature. This can be exploited by the attacker by injecting malicious code via the Mail Form...

9.8CVSS7.3AI score0.00573EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.3 views

baserCMS 代码注入漏洞

baserCMS is an enterprise-level content management system CMS from the baserCMS team. A code injection vulnerability exists in baserCMS versions 4.6.0 through 4.7.6, which stems from the application's failure to properly filter special elements of constructed snippets. An attacker can exploit the...

9.8CVSS7.4AI score0.00573EPSS
Exploits0References3
OSV
OSV
added 2023/10/26 8:52 p.m.15 views

GHSA-VRM6-C878-FPQ6 baserCMS Code Injection Vulnerability in Mail Form Feature

There is a Code Injection Vulnerability in Mail Form to baserCMS. Target baserCMS 4.7.6 and earlier versions Vulnerability Malicious code may be executed in Mail Form Feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more...

5.3CVSS7.5AI score0.00573EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/10/26 8:52 p.m.27 views

baserCMS Code Injection Vulnerability in Mail Form Feature

There is a Code Injection Vulnerability in Mail Form to baserCMS. Target baserCMS 4.7.6 and earlier versions Vulnerability Malicious code may be executed in Mail Form Feature. Countermeasures Update to the latest version of baserCMS Please refer to the following page to reference for more...

9.8CVSS7.1AI score0.00573EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/26 12:0 a.m.5 views

PT-2023-28984 · Basercms · Basercms

Name of the Vulnerable Software and Affected Versions: baserCMS versions 4.6.0 through 4.7.6 Description: The issue is related to a Code Injection vulnerability in the mail form of baserCMS, a website development framework. This vulnerability allows malicious code to be executed in the Mail Form...

9.8CVSS5.7AI score0.00573EPSS
Exploits0References7
Rows per page
Query Builder