CVE-2023-51695

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPEverest Everest Forms – Build Contact Forms, Surveys, Polls, Application Forms, and more with Ease! allows Stored XSS.This issue affects Everest Forms – Build Contact Forms, Surveys, Polls,...

CVE-2023-51695

The CVE-2023-51695 entry concerns the WordPress plugin Everest Forms (Build Contact Forms, Surveys, Polls, Application Forms, and related functionality). A stored Cross-Site Scripting (XSS) vulnerability exists due to improper neutralization of input during web page generation, affecting Everest ...

CVE-2022-4397

A vulnerability was found in morontt zend-blog-number-2. It has been classified as problematic. Affected is an unknown function of the file application/forms/Comment.php of the component Comment Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack...

CVE-2020-25562

In SapphireIMS 5.0, there is no CSRF token present in the entire application. This can lead to CSRF vulnerabilities in critical application forms like account resent...

XenForo 1.5.x Advanced Application Forms 1.2.2 Open Redirection

Exploit Title : XenForo 1.5.x Advanced Application Forms 1.2.2 Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 02/03/2019 Vendor Homepage : xenforo.com snogssite.com Software Information Link :...

Advance-Flow cross-site scripting vulnerability

Overview Advance-Flow is an electronic authorization system. Advance-Flow contains a cross-site scripting vulnerability in its application form. Advance-Flow provided by OSK Co. LTD contains a cross-site scripting vulnerability, as it does not properly handle output data. Some application forms a...