JVN#77634892: mailform vulnerable to PHP code execution

mailform provided by keitai-site.net is a PHP script providing a mail form function to a website. mailform contains a PHP code execution vulnerability CWE-94 on the server where the product is running. Impact Arbitrary PHP code may be executed on the server where the product is running. Solution...

Foxit Reader Type Obfuscation Remote Code Execution Vulnerability (CNVD-2018-15071)

Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...

CVE-2018-14268

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Foxit PDF Reader Javascript MailForm Remote Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to tri...

frutigergeschlechter.ch XSS vulnerability

Vulnerable URL: http://www.frutigergeschlechter.ch/humo-gen/mailform.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 11.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated...

CVE-2015-0883

SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified vectors...

Code injection

SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2015-0883

SYNCK GRAPHICA Mailform Pro CGI (4.1.4–4.1.5) is vulnerable when the MailAuth module is enabled. A flaw in the email sending process allows remote attackers to execute arbitrary code on the server. Affected component: Mailform Pro CGI’s mail sending path (MailAuth-enabled). Impact: remote arbitra...

CVE-2015-0883

SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified vectors...

SYNCK GRAPHICA Mailform Pro Remote Code Execution Vulnerability

Mailform Pro CGI is a mail form application. A security vulnerability exists in Mailform Pro CGI's handling of email delivery, which allows remote attackers to exploit the vulnerability to execute arbitrary code...

SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution

Overview Mailform Pro CGI provided by SYNCK GRAPHICA contains a flaw in the process of sending emails, which may result in an arbitrary code execution. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

JVN#30135729: SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution

Mailform Pro CGI provided by SYNCK GRAPHICA contains a flaw in the process of sending emails, which may result in an arbitrary code execution. Impact Arbitrary code may be executed on the server. Solution Update the Software Update to the latest version according to the information provided by th...

CVE-2014-3894

Cross-site scripting XSS vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header...

Cross site scripting

Cross-site scripting XSS vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header...

CVE-2014-3894

Cross-site scripting XSS vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header...

CVE-2014-3894

CVE-2014-3894 is a documented cross-site scripting (XSS) vulnerability in PHP Kobo’s Multifunctional MailForm Free (≤2014/1/28). The issue stems from how HTTP Referer headers are processed, allowing remote attackers to inject arbitrary scripts/HTML. Affected product: Multifunctional MailForm Free...

Multifunctional MailForm Free vulnerable to cross-site scripting

Overview Multifunctional MailForm Free provided by PHP Kobo contains a cross-site scripting vulnerability. Multifunctional MailForm Free contains an issue in processing HTTP Referer headers, which may cause cross-site scripting. Impact By opening a specially crafted HTML document, an arbitrary...

JVN#41028866: Multifunctional MailForm Free vulnerable to cross-site scripting

Multifunctional MailForm Free contains an issue in processing HTTP Referer headers, which may cause cross-site scripting. Impact By opening a specially crafted HTML document, an arbitrary sctipt may be executed. Solution Update the software Update to the latest version according to the informatio...

MailForm 1.2 - Remote File Include

No description provided by source...

CVE-2007-6751

Cross-site scripting XSS vulnerability in the MailForm plugin before 1.20 for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...