124 matches found
CVE-2025-61311
A reflected cross-site scripted XSS vulnerability in the dfm-menualerts.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
docuForm FSM Server 跨站脚本漏洞
The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a cross-site scripting vulnerability. This vulnerability originates from the...
PT-2026-39611
Name of the Vulnerable Software and Affected Versions docuForm version 11.11c Description A reflected cross-site scripting XSS issue exists in the 'dfm-menu orderopt.php' component. This allows attackers to execute arbitrary JavaScript in a user's browser by injecting a crafted payload into an...
PT-2026-39602
A reflected cross-site scripted XSS vulnerability in the dfm-menu firmware.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-65416
docuFORM Managed Print Service Client 11.11c is vulnerable to arbitrary file upload via pmupdate.php...
docuForm FSM Server 代码问题漏洞
The docuForm FSM Server is a server-side system developed by the German company docuForm, designed for enterprise document processing and form workflow management. The version 11.11c of the docuForm FSM Server contains a code vulnerability caused by arbitrary file upload support in the pmupdate.p...
CVE-2025-61307
A reflected cross-site scripted XSS vulnerability in the acc-menupapers.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-61305
A reflected cross-site scripted XSS vulnerability in the dfm-menufirmware.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-65418
docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url...
CVE-2025-61307
CVE-2025-61307 describes a reflected XSS in the acc-menu_papers.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The vulnerability allows attackers to inject arbitrary Javascript into a user’s browser by crafting a payload into an unfiltered variable value. Documents specif...
CVE-2025-61306
The CVE-2025-61306 vulnerability is a reflected XSS in the dfm-menu_coveragealerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The issue arises from injecting a crafted payload into an unfiltered variable value, allowing an attacker to execute arbitrary JavaScript in a...
CVE-2025-61310
A reflected XSS vulnerability (CVE-2025-61310) affects the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The root cause is an unfiltered variable value that allows injected JavaScript to execute in a user’s browser. CVSS v3.1 base score is 6.1 (Medium) ...
CVE-2025-61305
CVE-2025-61305 describes a reflected XSS in the dfm-menu_firmware.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The root cause is that an unfiltered variable value can be crafted by an attacker to inject arbitrary Javascript and execute it in a victim’s browser. This vul...
CVE-2025-61311
CVE-2025-61311 describes a reflected XSS in the dfm-menu_alerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The underlying issue is an unfiltered variable value that allows arbitrary JavaScript execution in a user’s browser. Affected software is docuForm 11.11c; the vu...
CVE-2025-65417
CVE-2025-65417 affects the docuFORM Managed Print Service Client 11.11c. Affected component: login page, vulnerable to a reflected cross-site scripting (XSS) attack. Underlying cause and impact are described in the provided metrics: CVSS 3.1 base score 6.1 (Medium), vector AV:N/AC:L/PR:N/UI:R/S:C...
CVE-2025-61314
CVE-2025-61314 describes a reflected XSS in the dfm-menu_orderopt.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The vulnerability allows an attacker to inject a crafted payload into an unfiltered variable value, causing arbitrary Javascript execution in the context of an...
CVE-2025-61312
CVE-2025-61312 is a reflected XSS in the acc-menu_pricess.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The vulnerability arises from unfiltered input in a variable value, allowing an attacker to inject arbitrary Javascript to be executed in a user’s browser. Connected d...
CVE-2025-65415
docuFORM Managed Print Service Client 11.11c is vulnerable to a session fixation attack via the login page of the application...
CVE-2025-61309
A reflected cross-site scripted XSS vulnerability in the dfm-menudepartments.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...
CVE-2025-61310
A reflected cross-site scripted XSS vulnerability in the acc-menubillings.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...