Microweber 安全漏洞

Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A file upload vulnerability exists in Microweber version v.2.0.4, which stems from the...

The vulnerability of the Forms component in the Oracle Clinical Remote Data Capture system allows a intruder to disclose protected information.

The vulnerability of the Forms component in the Oracle Clinical Remote Data Capture system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...

PT-2023-3407 · Django +6 · Django +6

Name of the Vulnerable Software and Affected Versions: Django versions 3.2 through 3.2.18 Django versions 4.0 through 4.1.8 Django versions 4.2 through 4.2.0 Description: The issue is related to insufficient input validation in the forms.FileField and forms.ImageField components of the Django web...

CVE-2020-35125

A cross-site scripting XSS vulnerability in the forms component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript via mauticreturn a different attack method than CVE-2020-35124, but also related to the Referer concept...

CVE-2020-9741

The AEM forms add-on for versions 6.5.5.0 and below and 6.4.8.2 and below is affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Forms component. These scripts may be executed in a victim’s browser when they op...

CVE-2010-2396

Unspecified vulnerability in the Forms component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors...

CVE-2010-2396

Unspecified vulnerability in the Forms component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors...

Security update 1970-01-01

...