8220 matches found
Foxit Reader XFA Form Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA...
Foxit Reader XFA Form Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA...
Foxit Reader Buffer Error Vulnerability
Foxit Reader (formerly Foxit PDF Reader) is a PDF file reader developed by Fujian Foxit Software. It is free to use, runs primarily on Microsoft Windows, and as long as there is a Win32 implementation of the...
Foxit Reader for Windows Resource Management Error Vulnerability
Foxit Reader for Windows is a Windows-based PDF document reader from the Chinese company Foxit. Foxit Reader for Windows suffers from a resource management error vulnerability that originates from an error when handling certain XFA forms or annotation objects. A remote attacker could exploit the...
GHSA-QGP4-5QX6-548G Cross-site scripting (XSS) from unsanitized uploaded SVG files in Kirby
Impact An editor with write access to the Kirby Panel can upload an SVG or XML file that contains harmful content like `<script>` tags. The direct link to that file can be sent to other users or visitors of the site. If the victim opens that link in a browser where they are logged in to Kirby, the script wi...
CVE-2021-29460
Kirby is an open source CMS. An editor with write access to the Kirby Panel can upload an SVG file that contains harmful content like `<script>` tags. The direct link to that file can be sent to other users or visitors of the site. If the victim opens that link in a browser where they are logged in to Kirby...
Design/Logic Flaw
Kirby is an open source CMS. An editor with write access to the Kirby Panel can upload an SVG file that contains harmful content like `<script>` tags. The direct link to that file can be sent to other users or visitors of the site. If the victim opens that link in a browser where they are logged in to Kirby...
UPchieve: Zero-click account takeover due to API misconfiguration
Hacker reported that full account takeover was possible through exploitation of one of our forms. Hacker provided sufficient information to prove capability and how to remediate. Our team remediated the issue so that the takeover is no longer possible. I was able to take over any account without any...
WordPress Teamleader CRM Forms plugin <= 2.0.0 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered by Frank Liauw in WordPress Teamleader CRM Forms plugin versions <= 2.0.0. Solution: Update the WordPress Teamleader CRM Forms plugin to the latest available version, at least 2.1.0...
IcedID Circulates Via Web Forms, Google URLs
Website contact forms and Google URLs are being used to spread the IcedID trojan, according to researchers at Microsoft. Attackers are using "contact us" forms on websites to send emails targeting organizations with trumped-up legal threats, researchers said. The messages consistently mention a...
CVE-2020-13587
An exploitable SQL injection vulnerability exists in the "forms_fields_rules/rules" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability; this can be done...
Investigating a unique "form" of email delivery for IcedID malware
Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal threats. The emails instruct recipients to click a link to review supposed evidence behind their allegations, but are...
PT-2021-9653 · Unknown · Rukovoditel Project Management App
Name of the Vulnerable Software and Affected Versions: Rukovoditel Project Management App version 2.7.2. Description: An exploitable SQL injection issue exists in the "forms_fields_rules/rules" page. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated...
Rukovoditel Project Management App SQL injection vulnerability in the 'forms_fields_rules/rules' page
Summary An exploitable SQL injection vulnerability exists in the "forms_fields_rules/rules" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability; this can be...
Experts uncover a new Banking Trojan targeting Latin American users
Researchers on Tuesday revealed details of a new banking trojan targeting corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government. Dubbed "Janeleiro" by Slovak cybersecurity firm ESET, the...
CVE-2021-24164
In the Ninja Forms Contact Form WordPress plugin before 3.4.34.1, low-level users, such as subscribers, were able to trigger the action wp_ajax_nf_oauth and retrieve the connection URL needed to establish a connection. They could also retrieve the client_id for an already established OAuth connecti...
CVE-2021-24166
The wp_ajax_nf_oauth_disconnect action from the Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin before 3.4.34 had no nonce protection, making it possible for attackers to craft a request to disconnect a site's OAuth connection...
CVE-2021-24165
In the Ninja Forms Contact Form WordPress plugin before 3.4.34, the wp_ajax_nf_oauth_connect AJAX action was vulnerable to open redirect due to the use of a user-supplied redirect parameter and no protection in place...