Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:31 a.m.10 views

CVE-2019-16902

In the ARforms plugin 3.7.1 for WordPress, arfdeletefile in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname...

7.5CVSS7.1AI score0.09726EPSS
Exploits5References1
exploitpack
exploitpack
added 2019/10/11 12:0 a.m.70 views

WordPress Arforms 3.7.1 - Directory Traversal

WordPress Arforms 3.7.1 - Directory Traversal Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Date: 2019-09-27 Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link:...

6.4CVSS0.1AI score0.09726EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/10/11 12:0 a.m.183 views

WordPress Arforms 3.7.1 Directory Traversal

Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Date: 2019-09-27 Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link: https://www.arformsplugin.com/documentation/changelog/ Version: 3.7.1 CVE ID...

6.4CVSS0.1AI score0.09726EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/11 12:0 a.m.306 views

WordPress Plugin Arforms 3.7.1 - Directory Traversal

Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Date: 2019-09-27 Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link: https://www.arformsplugin.com/documentation/changelog/ Version: 3.7.1 CVE ID...

7.5CVSS7.8AI score0.09726EPSS
Exploits5
OSV
OSV
added 2019/09/27 11:15 a.m.8 views

CVE-2019-16902

In the ARforms plugin 3.7.1 for WordPress, arfdeletefile in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname...

7.5CVSS7.2AI score0.09726EPSS
Exploits5References2
CVE
CVE
added 2019/09/27 10:56 a.m.112 views

CVE-2019-16902

CVE-2019-16902 – ARforms WordPress plugin : The ARforms plugin 3.7.1 is vulnerable due to arf_delete_file in arformcontroller.php, which allows an unauthenticated attacker to delete arbitrary files by supplying the full pathname. This impacts WordPress installations using ARforms 3.7.1. Public ex...

7.5CVSS7.5AI score0.09726EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder