Lucene search
K

48 matches found

OSV
OSV
added 2025/10/08 6:15 a.m.3 views

CVE-2025-11437

A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the component Form Editor. This manipulation causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. This issue is currentl...

4.8CVSS5.5AI score
Exploits0References4
Cvelist
Cvelist
added 2025/10/08 6:2 a.m.19 views

CVE-2025-11437 JhumanJ OpnForm Form Editor forms cross site scripting

A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the component Form Editor. This manipulation causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. This issue is currentl...

4.8CVSS0.00272EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.5 views

OpnForm 代码注入漏洞

OpnForm is a form builder by Julien Nahum Personal Developer. A code injection vulnerability exists in OpnForm 1.9.3 and earlier versions, which stems from an incorrect operation of the component Form Editor in file/api/open/forms, and could lead to a cross-site scripting attack...

4.8CVSS4.2AI score0.00272EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52726

Malicious code in bioql PyPI...

7.1CVSS6.4AI score0.00667EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-22154

Malicious code in bioql PyPI...

7.7CVSS6AI score0.00599EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/05 8:35 p.m.12 views

CVE-2022-31041

Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...

7.6CVSS6.7AI score0.00748EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:23 a.m.7 views

CVE-2024-24771

Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials username + password compromised could potentially have the second-factor authentication...

7.7CVSS7.7AI score0.00599EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/02/07 3:15 p.m.5 views

CVE-2024-24771

Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials username + password compromised could potentially have the second-factor authentication...

7.7CVSS5.8AI score0.00599EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2024/02/07 3:15 p.m.39 views

CVE-2024-24771

Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials username + password compromised could potentially have the second-factor authentication...

7.7CVSS7.8AI score0.00599EPSS
Exploits0References5
Prion
Prion
added 2024/02/07 3:15 p.m.34 views

Design/Logic Flaw

Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials username + password compromised could potentially have the second-factor authentication...

3.2CVSS7.5AI score0.00599EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/02/07 2:51 p.m.20 views

CVE-2024-24771 Open Forms potential multi-factor authentication bypass

Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials username + password compromised could potentially have the second-factor authentication...

7.7CVSS6AI score0.00599EPSS
Exploits0References7
CVE
CVE
added 2024/02/07 2:51 p.m.99 views

CVE-2024-24771

Open Forms CVE-2024-24771 affects multiple versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2, with a non-exploitable MFA weakness that could allow a second-factor bypass if a superuser’s credentials are compromised. Attack could let the attacker view sensitive submissions or impersonate staff if b...

7.7CVSS5.8AI score0.00599EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/02/07 2:51 p.m.35 views

CVE-2024-24771 Open Forms potential multi-factor authentication bypass

Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials username + password compromised could potentially have the second-factor authentication...

7.7CVSS7.9AI score0.00599EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/02/07 2:51 p.m.23 views

CVE-2024-24771 Open Forms potential multi-factor authentication bypass

Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials username + password compromised could potentially have the second-factor authentication...

7.7CVSS7AI score0.00599EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/07 12:0 a.m.6 views

Open Forms Security Vulnerability

Open Forms is Open Formulieren open source an intelligent dynamic form . Used to quickly create a powerful and intelligent forms exposed through the API . A security vulnerability exists in Open Forms versions prior to 2.2.8, 2.3.6, 2.4.4, 2.5.1, which stems from an authentication bypass...

7.7CVSS6.9AI score0.00599EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/02/07 12:0 a.m.5 views

PT-2024-20549 · Unknown · Open Forms

Name of the Vulnerable Software and Affected Versions: Open Forms versions prior to 2.2.9 Open Forms versions prior to 2.3.7 Open Forms versions prior to 2.4.5 Open Forms versions prior to 2.5.2 Description: Open Forms allows users to create and publish smart forms. The software contains a...

7.7CVSS5.8AI score0.00599EPSS
Exploits0References12
NVD
NVD
added 2022/06/13 1:15 p.m.35 views

CVE-2022-31041

Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...

7.6CVSS0.00748EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/06/13 12:35 p.m.41 views

CVE-2022-31041 Insufficient content-type validation for uploaded files in open-forms

Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...

7.6CVSS7.7AI score0.00748EPSS
Exploits0References2
OSV
OSV
added 2022/06/13 12:35 p.m.28 views

CVE-2022-31041 Insufficient content-type validation for uploaded files in open-forms

Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...

7.6CVSS6.4AI score0.00748EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/06/13 12:35 p.m.11 views

CVE-2022-31041 Insufficient content-type validation for uploaded files in open-forms

Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...

7.6CVSS7.5AI score0.00748EPSS
Exploits0References2
Rows per page
Query Builder