CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8170 matches found

Joomla! Vulnerable Extensions List•added 2018/04/12 12:0 a.m.•500 views

Convert Forms, 2.0.3, CSV Injection

Convert Forms by Tassos.gr, versions 2.0.3 and previous, CSV Injection resolution: update to 2.0.4 update notice: https://www.tassos.gr/blog/convert-forms-2-0-4-security-release...

1.7AI score

Exploits0References2Affected Software1

Packet Storm•added 2018/04/12 12:0 a.m.•53 views

Joomla Convert Forms 2.0.3 CSV Injection

Exploit Title: Joomla Extension Convert Forms version 2.0.3 - Formula Injection CSV Injection Google Dork: N/A Date: 12-04-2018 Exploit Author: Jetty Sairam Software Link: https://extensions.joomla.org/extensions/extension/contacts-and-feedback/forms/convert-forms/ Affected Version: 2.03 and befo...

7.7AI score0.09568EPSS

Exploits5

Exploit DB•added 2018/04/12 12:0 a.m.•39 views

Joomla! Convert Forms version 2.0.3 - Formula Injection (CSV Injection)

Exploit Title: Joomla Extension Convert Forms version 2.0.3 is vulnerable to Formula Injection CSV Injection Google Dork: N/A Date: 12-04-2018 Exploit Author: Jetty Sairam Software Link: https://extensions.joomla.org/extensions/extension/contacts-and-feedback/forms/convert-forms/ Affected Version...

7.8CVSS7.7AI score0.09568EPSS

Exploits5

exploitpack•added 2018/04/12 12:0 a.m.•96 views

Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)

Joomla Convert Forms version 2.0.3 - Formula Injection CSV Injection Exploit Title: Joomla Extension Convert Forms version 2.0.3 is vulnerable to Formula Injection CSV Injection Google Dork: N/A Date: 12-04-2018 Exploit Author: Jetty Sairam Software Link:...

6.8CVSS7.9AI score0.09568EPSS

Exploits5

CNVD•added 2018/04/11 12:0 a.m.•1 views

Memory Corruption Vulnerability in SoftZone Office Forms Easy Module Handling xls Files

SoftZone Office RZoffice is an office software, which is compatible with MS Office and consists of three parts: word processing, spreadsheet and presentation. A memory corruption vulnerability exists in the SoftZone Office Forms Easy module PlanMaker.exe when processing xls files. An attacker can...

7.9AI score

Exploits0

CNVD•added 2018/03/27 12:0 a.m.•2 views

SQL injection vulnerability in Monxin Forms System \program\talk\show\set_group.php page

Monxin Forms System is an open source program that runs on PHP+MySQL. A SQL injection vulnerability exists in the \program\talk\show\setgroup.php page of Monxin Forms System. An attacker can exploit this vulnerability to obtain sensitive information from the database...

7.6AI score

Exploits0

CNVD•added 2018/03/27 12:0 a.m.•1 views

SQL Injection Vulnerability in Monxin Forms System \program\form\show\data_admin.php Page

Monxin Forms System is an open source program that runs on PHP+MySQL. A SQL injection vulnerability exists in the page \program\form\show\dataadmin.php of Monxin Forms System. An attacker can exploit this vulnerability to obtain sensitive database information...

7.9AI score

Exploits0

OSV•added 2018/03/15 10:29 p.m.•1 views

CVE-2016-0223

Cross-site scripting XSS vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006...

6.1CVSS5.9AI score

Exploits0References2

Prion•added 2018/03/15 10:29 p.m.•11 views

Cross site scripting

4.3CVSS5.6AI score0.0087EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2018/03/15 10:29 p.m.•2 views

CVE-2016-0223

6.1CVSS5.7AI score0.0087EPSS

Exploits0References3

NVD•added 2018/03/15 10:29 p.m.•16 views

CVE-2016-0223

6.1CVSS5.7AI score0.0087EPSS

Exploits0References2

CVE•added 2018/03/15 10:0 p.m.•36 views

CVE-2016-0223

CVE-2016-0223 affects IBM Forms Server (Webform Framework API) on 4.0., 8.0. , 8.1, 8.2. The vulnerability arises from improper validation of user-supplied input, allowing a remote attacker to execute arbitrary script via a specially crafted URL, i.e., a cross-site scripting (XSS) flaw. Impact in...

6.1CVSS5.7AI score0.0087EPSS

Exploits0References2Affected Software1

Cvelist•added 2018/03/15 10:0 p.m.•17 views

CVE-2016-0223

5.7AI score0.0087EPSS

Exploits0References2

Microsoft KB•added 2018/03/13 7:0 a.m.•138 views

Description of the security update for SharePoint Enterprise Server 2016: March 13, 2018

Description of the security update for SharePoint Enterprise Server 2016: March 13, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, go ...

8.8CVSS7.9AI score0.11786EPSS

Exploits0

Veracode•added 2018/03/09 4:10 a.m.•14 views

Cross-site Scripting (XSS)

primefaces is vulnerable to cross-site scripting XSS attacks. The library does not properly escape cfg.promptLabel, item.children'span'.text, input.next.text and input.val, found in forms.password.js, forms.multiselectlistbox.js, and forms.selectcheckboxmenu.js respectively. These improper...

6AI score

Exploits0

CNVD•added 2018/03/02 12:0 a.m.•1 views

WordPress Plugin Ninja Forms Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports in PHP and MySQL servers to set up a personal blog site . Ninja Forms is one of the form plug-ins . A cross-site scripting vulnerability exists in the WordPress plugi...

6.1CVSS6.1AI score0.00775EPSS

Exploits0References1

CNVD•added 2018/02/28 12:0 a.m.•1 views

Memory Corruption Vulnerability in WPS Office 2016 Forms etmain Module

WPS office is an office software suite independently developed by Kingsoft Corporation. A memory corruption vulnerability exists in the etmain module of WPS Forms et.exe in WPS when parsing a specific xls file. An attacker can exploit the vulnerability to cause a denial of service...

6.9AI score

Exploits0

Zero Day Initiative•added 2018/02/27 12:0 a.m.•31 views

Adobe Acrobat Pro DC PDF Forms Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS2.3AI score0.13242EPSS

Exploits0References1

WPVulnDB•added 2018/02/26 12:0 a.m.•22 views

Ninja Forms < 3.2.15 - Parameter Tampering

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a Parameter Tampering security vulnerability...

5CVSS2.4AI score0.01392EPSS

Exploits0Affected Software1

CNVD•added 2018/02/26 12:0 a.m.•2 views

IBM Forms Experience Builder XML External Entity Injection Vulnerability

IBM Forms Experience Builder is a set of U.S. IBM's Web forms for creating Web site applications. An XML external entity injection vulnerability exists in IBM Forms Experience Builder versions 8.5, 8.5.1, and 8.6. A remote attacker could exploit this vulnerability to obtain sensitive information...

4CVSS6.8AI score0.01004EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by