Lucene search
+L

117 matches found

Patchstack
Patchstack
added 2019/03/13 12:0 a.m.23 views

WordPress Smart Forms plugin <= 2.5.15 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Toshiharu Sugiyama in WordPress Smart Forms plugin versions = 2.5.15. Solution Update the WordPress Smart Forms plugin to the latest available version at least 2.6.16...

8.8CVSS2.9AI score0.0116EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/03/12 10:29 p.m.6 views

CVE-2019-5924

Cross-site request forgery CSRF vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

8.8CVSS6.5AI score0.0116EPSS
Exploits0References3
NVD
NVD
added 2019/03/12 10:29 p.m.21 views

CVE-2019-5924

Cross-site request forgery CSRF vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

8.8CVSS8.8AI score0.0116EPSS
Exploits0References3
Prion
Prion
added 2019/03/12 10:29 p.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

6.8CVSS8.8AI score0.0116EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/03/12 9:0 p.m.46 views

CVE-2019-5924

The CVE-2019-5924 issue affects the WordPress Smart Forms plugin (versions 2.6.15 and earlier). The root cause is a Cross-Site Request Forgery (CSRF) vulnerability that can allow an attacker to hijack an administrator’s authenticated session via a malicious page, enabling unauthorized actions suc...

8.8CVSS8.8AI score0.0116EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/03/12 9:0 p.m.26 views

CVE-2019-5924

Cross-site request forgery CSRF vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

8.9AI score0.0116EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/03/12 12:0 a.m.7 views

PT-2019-17865 · Unknown · Smart Forms

Name of the Vulnerable Software and Affected Versions: Smart Forms versions 2.6.15 and earlier Description: A cross-site request forgery issue allows remote attackers to hijack the authentication of administrators via a specially crafted page. Recommendations: For versions 2.6.15 and earlier,...

8.8CVSS8.6AI score0.0116EPSS
Exploits0References5
CNVD
CNVD
added 2019/03/02 12:0 a.m.8 views

WordPress Smart Forms Cross-Site Request Forgery Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Smart Forms 2.6.15 and earlier versions. A remote attacker can...

8.8CVSS6.9AI score0.0116EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/02/28 12:0 a.m.105 views

JVN#97656108: WordPress plugin "Smart Forms" vulnerable to cross-site request forgery

The WordPress plugin "Smart Forms" provided by RedNao contains a cross-site request forgery vulnerability CWE-352. Impact Unintended operations may be performed if a user logs into the WordPress administration screen and browses a malicious page. Those operations may include generating new forms,...

8.8CVSS8.6AI score0.0116EPSS
Exploits0
WPVulnDB
WPVulnDB
added 2019/02/28 12:0 a.m.13 views

Smart Forms <= 2.5.15 - Cross-Site Request Forgery (CSRF)

The Smart Forms – when you need more than just a contact form WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...

6.8CVSS2.9AI score0.0116EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/10/13 12:0 a.m.16 views

Smart Forms 2.1.0 - Cross-Site Scripting (XSS)

The Smart Forms – when you need more than just a contact form WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...

1.3AI score
Exploits0References1Affected Software1
myhack58
myhack58
added 2010/07/06 12:0 a.m.23 views

Ding peaks of the smart forms system across the directory to delete the file vulnerability-vulnerability warning-the black bar safety net

The impact of the system:peak peak smart form systemASP V1. 0 Mini Defective part: elseif Request. QueryString"action"="del" then 'QueryString transmission, not much to say f=Request. QueryString"f" ‘is the QueryString, get“f”variable if f"" then 'determine f whether the null character Set...

Exploits0
CVE
CVE
added 2005/07/01 4:0 a.m.52 views

CVE-2004-2144

Baal Smart Forms pre-3.2 allows remote attackers to bypass authentication and gain system access via a direct request to regadmin.php. The issue is documented across multiple sources (CVE listing and PT Security advisory) and affects versions prior to 3.2. Remediation recommended: upgrade to Baal...

7.5CVSS7.4AI score0.02761EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2005/07/01 4:0 a.m.22 views

CVE-2004-2144

Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php...

6.9AI score0.02761EPSS
Exploits1References3
NVD
NVD
added 2004/12/31 5:0 a.m.18 views

CVE-2004-2144

Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php...

7.5CVSS6.9AI score0.02761EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2004/12/31 12:0 a.m.13 views

PT-2004-3039 · Baal · Baal Smart Forms

Name of the Vulnerable Software and Affected Versions: Baal Smart Forms versions prior to 3.2 Description: The issue allows remote attackers to bypass authentication and obtain system access via a direct request to "regadmin.php". Recommendations: For versions prior to 3.2, update to version 3.2 ...

7.5CVSS7AI score0.02761EPSS
Exploits1References5
securityvulns
securityvulns
added 2004/09/28 12:0 a.m.27 views

[SA12649] Baal Smart Forms &quot;Admin Change Password&quot; Security Bypass

TITLE: Baal Smart Forms "Admin Change Password" Security Bypass SECUNIA ADVISORY ID: SA12649 VERIFY ADVISORY: http://secunia.com/advisories/12649/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Baal Smart Forms 3.x http://secunia.com/product/3949/ DESCRIPTION: ...

0.4AI score
Exploits0
Rows per page
Query Builder