10 matches found
CVE-2026-51923
An Insecure Direct Object Reference IDOR vulnerability exists in docuForm GmbH Client v.11.11c allowing a remote attacker to execute arbitrary code via the user settings component, and modify or retrieve sensitive data associated with other users’ accounts...
CVE-2026-51924
An issue in docuForm GmbH Client v.11.11c allows a remote attacker to execute arbitrary code via the file upload and report.php component...
CVE-2026-51926
The vulnerability (CVE-2026-51926) affects docuForm FSM Client v11.11c. The login.php authentication mechanism enables user enumeration: an attacker can distinguish valid from invalid usernames by differences in server responses, enabling identification of existing accounts. This information coul...
CVE-2026-51925
A Local File Inclusion LFI vulnerability exists in docuForm GmbH Client v.11.11c that allows a remote attacker to execute arbitrary code via the dfm-menureport.php component. Attackers can exploit this flaw to read arbitrary files on the server, including sensitive configuration files, source cod...
CVE-2026-51925
CVE-2026-51925 affects docuForm GmbH Client v11.11c. A Local File Inclusion flaw in the dfm-menu_report.php component allows an attacker to read arbitrary server files (e.g., system/configuration files, source code) and potentially execute arbitrary code. The PT-Security entry confirms the affect...
CVE-2026-51924
An issue in docuForm GmbH Client v.11.11c allows a remote attacker to execute arbitrary code via the file upload and report.php component...
CVE-2026-51924
CVE-2026-51924 affects docuForm GmbH Client v.11.11c. A vulnerability in the file upload and report.php component allows a remote attacker to execute arbitrary code. Root cause: improper handling of uploaded files leading to code execution. Impacted product is documented; CVSSv3.1 base score 8.1 ...
CVE-2026-51923
An Insecure Direct Object Reference IDOR vulnerability exists in docuForm GmbH Client v.11.11c allowing a remote attacker to execute arbitrary code via the user settings component, and modify or retrieve sensitive data associated with other users’ accounts...
CVE-2026-51923
The CVE-2026-51923 entry concerns docuForm GmbH Client v.11.11c with an Insecure Direct Object Reference (IDOR) vulnerability in the user settings component. The technical detail provided states that a remote attacker can execute arbitrary code and modify or retrieve sensitive data associated wit...
CVE-2025-65418
docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url...