Lucene search
+L

4 matches found

NVD
NVD
added 2022/02/08 11:15 a.m.19 views

CVE-2022-21805

Reflected cross-site scripting vulnerability in the attached file name of phpmailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.1CVSS0.00955EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/02/08 10:30 a.m.25 views

CVE-2022-21805

Reflected cross-site scripting vulnerability in the attached file name of phpmailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors...

6.2AI score0.00955EPSS
Exploits0References2
CVE
CVE
added 2022/02/08 10:30 a.m.68 views

CVE-2022-21805

CVE-2022-21805 is a reflected XSS vulnerability in php_mailform prior to v1.40. The issue stems from insufficient cleanup of user-supplied data in the attached file name, enabling a remote unauthenticated attacker to inject arbitrary scripts via unspecified vectors and potentially execute in a vi...

6.1CVSS5.9AI score0.00955EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/01/20 12:0 a.m.24 views

JVN#16690037: Multiple cross-site scripting vulnerabilities in php_mailform

phpmailform provided by econosys system contains multiple cross-site scripting vulnerabilities listed below. Reflected cross-site scripting vulnerability regarding the checkbox CWE-79 - CVE-2022-22142 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base...

6.1CVSS6.5AI score0.00955EPSS
Exploits0
Rows per page
Query Builder