CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

144 matches found

Japan Vulnerability Notes•added 2022/09/05 6:22 a.m.•1 views

SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure

Overview Mailform Pro CGI provided by SYNCK GRAPHICA contains an information disclosure vulnerability CWE-200. Thanks module of this product saves user input data for a certain period of time. The time is set to 30 seconds by default in configs/thanks.cgi file. To exploit this vulerability, it is...

5.9CVSS6.1AI score0.00329EPSS

Exploits1References7

Japan Vulnerability Notes•added 2022/09/05 12:0 a.m.•33 views

JVN#34205166: SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure

Mailform Pro CGI provided by SYNCK GRAPHICA contains an information disclosure vulnerability CWE-200. Thanks module of this product saves user input data for a certain period of time. The time is set to 30 seconds by default in configs/thanks.cgi file. To exploit this vulnerability, it is require...

5.9CVSS5.5AI score0.00329EPSS

Exploits1

CNNVD•added 2022/09/05 12:0 a.m.•2 views

SYNCK GRAPHICA Mailform Pro CGI 信息泄露漏洞

SYNCK GRAPHICA Mailform Pro CGI is a mail form from SYNCK GRAPHICA Japan. It can be used as a multiple transmission, questionnaire form, and application form. A security vulnerability exists in SYNCK GRAPHICA Mailform Pro CGI prior to version 4.3.1, which stems from the Thanks module saving user...

5.9CVSS5.3AI score0.00329EPSS

Exploits1References6

ATTACKERKB•added 2022/02/08 11:15 a.m.•3 views

CVE-2022-22142

Reflected cross-site scripting vulnerability in the checkbox of phpmailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS6.4AI score0.00931EPSS

Exploits0References3Affected Software1

Japan Vulnerability Notes•added 2022/01/20 6:42 a.m.•1 views

Multiple cross-site scripting vulnerabilities in php_mailform

Overview phpmailform provided by econosys system contains multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability regarding the checkbox CWE-79 - CVE-2022-22142 Reflected cross-site scripting vulnerability regarding the attached file name CWE-79 -...

6.1CVSS6.2AI score0.00931EPSS

Exploits0References7

CNNVD•added 2022/01/20 12:0 a.m.•2 views

Econosys System Php_Mailform 跨站脚本漏洞

Econosys System PhpMailform is a customizable open source Php mail form from Econosys System, Japan. A cross-site scripting vulnerability exists in econosys system phpmailform, which stems from insufficient cleanup of user-supplied data in attached filenames. A remote attacker could trick a victi...

6.1CVSS6.4AI score0.00931EPSS

Exploits0References4

OSV•added 2020/03/25 2:15 a.m.•1 views

CVE-2020-5553

mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors...

9.8CVSS7.5AI score0.02142EPSS

Exploits0References1

NVD•added 2020/03/25 2:15 a.m.•8 views

CVE-2020-5552

Cross-site scripting vulnerability in mailform version 1.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS6.1AI score0.00313EPSS

Exploits0References1

OSV•added 2020/03/25 2:15 a.m.•1 views

CVE-2020-5552

Cross-site scripting vulnerability in mailform version 1.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1CVSS5.9AI score0.00313EPSS

Exploits0References1

NVD•added 2020/03/25 2:15 a.m.•6 views

CVE-2020-5553

mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors...

10CVSS9.8AI score0.02142EPSS

Exploits0References1

Prion•added 2020/03/25 2:15 a.m.•7 views

Cross site scripting

Cross-site scripting vulnerability in mailform version 1.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00313EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/03/25 1:25 a.m.•11 views

CVE-2020-5553

mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors...

9.9AI score0.02142EPSS

Exploits0References1

Cvelist•added 2020/03/25 1:25 a.m.•9 views

CVE-2020-5552

Cross-site scripting vulnerability in mailform version 1.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

6.1AI score0.00313EPSS

Exploits0References1

CVE•added 2020/03/25 1:25 a.m.•43 views

CVE-2020-5552

CVE-2020-5552 concerns the mailform PHP script by keitai-site.net, specifically version 1.04. The connected sources describe a stored cross-site scripting (CWE-79) vulnerability that can inject arbitrary script or HTML, potentially executing in the administrator’s browser when they access a site ...

6.1CVSS6AI score0.00313EPSS

Exploits0References1Affected Software1

CVE•added 2020/03/25 1:25 a.m.•40 views

CVE-2020-5553

CVE-2020-5553 affects mailform version 1.04 (keitai-site.net) and is a PHP script that allows remote arbitrary PHP code execution on the server. Root cause is a PHP code execution vulnerability (CWE-94); impact is remote compromise of confidentiality, integrity, and availability as described in t...

10CVSS9.7AI score0.02142EPSS

Exploits0References1Affected Software1

CNVD•added 2020/03/25 12:0 a.m.•1 views

keitai-site.net mailform cross-site scripting vulnerability

keitai-site.net mailform is a mail form plugin written in PHP. A cross-site scripting vulnerability exists in keitai-site.net mailform version 1.04. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.00313EPSS

Exploits0

CNVD•added 2020/03/25 12:0 a.m.•1 views

keitai-site.net mailform code injection vulnerability

keitai-site.net mailform is a mail form plugin written in PHP. A code injection vulnerability exists in keitai-site.net mailform version 1.04. A remote attacker can exploit this vulnerability to execute arbitrary PHP code...

10CVSS8.1AI score0.02142EPSS

Exploits0

Japan Vulnerability Notes•added 2020/03/24 9:5 a.m.•1 views

mailform vulnerable to cross-site scripting

Overview mailform provided by keitai-site.net is a PHP script providing mail form functions to a website. mailform contains a stored cross-site scripting vulnerability CWE-79. During the meeting of Committee for authorizing the disclosure of unresolved vulnerabilities held on January 16, 2020, it...

6.1CVSS6AI score0.00313EPSS

Exploits0References4

Japan Vulnerability Notes•added 2020/03/24 8:59 a.m.•1 views

mailform vulnerable to PHP code execution

Overview mailform provided by keitai-site.net is a PHP script providing a mail form function to a website. mailform contains a PHP code execution vulnerability CWE-94 on the server where the product is running. During the meeting of Committee for authorizing the disclosure of unresolved...

10CVSS7.4AI score0.02142EPSS

Exploits0References4

Japan Vulnerability Notes•added 2020/03/24 12:0 a.m.•72 views

JVN#85942151: mailform vulnerable to cross-site scripting

mailform provided by keitai-site.net is a PHP script providing mail form functions to a website. mailform contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of an administrator who is accessing a website using mailform...

6.1CVSS6AI score0.00313EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by