124 matches found
PT-2026-39615
Name of the Vulnerable Software and Affected Versions docuFORM Managed Print Service Client version 11.11c Description A directory traversal flaw allows attackers to read arbitrary files by using a crafted URL. Recommendations At the moment, there is no information about a newer version that...
CVE-2025-61312
A reflected cross-site scripted XSS vulnerability in the acc-menupricess.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-61305
A reflected cross-site scripted XSS vulnerability in the dfm-menufirmware.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-61307
A reflected cross-site scripted XSS vulnerability in the acc-menupapers.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-61309
A reflected cross-site scripted XSS vulnerability in the dfm-menudepartments.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
docuForm FSM Server 跨站脚本漏洞
The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a cross-site scripting vulnerability. This vulnerability originates from the...
docuForm FSM Server 跨站脚本漏洞
The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a cross-site scripting vulnerability. This vulnerability originates from the...
PT-2026-39611
Name of the Vulnerable Software and Affected Versions docuForm version 11.11c Description A reflected cross-site scripting XSS issue exists in the 'dfm-menu orderopt.php' component. This allows attackers to execute arbitrary JavaScript in a user's browser by injecting a crafted payload into an...
CVE-2025-61310
A reflected cross-site scripted XSS vulnerability in the acc-menubillings.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
docuForm FSM Server 跨站脚本漏洞
The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a cross-site scripting vulnerability. This vulnerability originates from the...
docuForm FSM Server 跨站脚本漏洞
The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. Version 11.11c of the docuForm FSM Server contains a cross-site scripting vulnerability. This vulnerability originates from the...
CVE-2025-61305
A reflected cross-site scripted XSS vulnerability in the dfm-menufirmware.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-61309
Summary: CVE-2025-61309 affects GmbH Mecury/Mercury docuForm 11.11c, specifically the dfm-menu_departments.php component. The vulnerability is a reflected XSS where an attacker can inject a crafted payload into an unfiltered variable value, enabling arbitrary JavaScript to run in a user’s browser...
CVE-2025-65418
CVE-2025-65418 affects docuFORM Managed Print Service Client 11.11c. It is a directory traversal vulnerability that allows reading arbitrary files via a crafted URL. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) yields a base score of 7.5 (HIGH). Multiple connected sources corroborate...
docuForm FSM Server 跨站脚本漏洞
The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a cross-site scripting vulnerability. This vulnerability originates from the...
CVE-2025-61306
The CVE-2025-61306 vulnerability is a reflected XSS in the dfm-menu_coveragealerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The issue arises from injecting a crafted payload into an unfiltered variable value, allowing an attacker to execute arbitrary JavaScript in a...
CVE-2025-61310
A reflected XSS vulnerability (CVE-2025-61310) affects the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The root cause is an unfiltered variable value that allows injected JavaScript to execute in a user’s browser. CVSS v3.1 base score is 6.1 (Medium) ...
PT-2026-39607
A reflected cross-site scripted XSS vulnerability in the acc-menu billings.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
docuForm FSM Server 代码问题漏洞
The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a code vulnerability caused by arbitrary file upload support in the pmupdate.p...
PT-2026-39612
docuFORM Managed Print Service Client 11.11c is vulnerable to a session fixation attack via the login page of the application...