CVE-2017-3014

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture XFA related to reset form functionality. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3014

Adobe Acrobat Reader from 11.0.19 and earlier, 15.006.30280 and earlier, and 15.023.20070 and earlier is affected by a use-after-free in the XML Forms Architecture (XFA) related to reset form functionality. The vulnerability can lead to arbitrary code execution when exploited locally via crafted ...

CVE-2017-3035

Adobe Acrobat Reader (affected: 11.0.19 and earlier; 15.006.30280 and earlier; 15.023.20070 and earlier) contains a use-after-free vulnerability in the XML Forms Architecture (XFA) engine (CVE-2017-3035). Exploitation could lead to arbitrary code execution. The connected documents acknowledge CVE...

Cross-site Scripting (XSS)

The npm module forms is vulnerable to cross-site scripting XSS attacks. These attacks are possible because it does not escape text in tags...

KLA10992 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader

Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitary code and possibly cause a denial of service. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerabilities in the XML Forms...

WordPress Wow Forms v2.1 Plugin SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wow Forms v2.1 WordPress Plugin SQL Injection Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-forms/ Version: 2.1 Contact: email protected Website: https://tad....

DEBIAN-CVE-2016-9275

Heap-based buffer overflow in the dwarfskimforms function in libdwarf/dwarfmacro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service out-of-bounds read...

CVE-2017-6443

Cross-site scripting XSS vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the WAD1 parameter to Forms/oadmin1...

CVE-2017-6443

Cross-site scripting XSS vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the WAD1 parameter to Forms/oadmin1...

Cross site scripting

Cross-site scripting XSS vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the WAD1 parameter to Forms/oadmin1...

CVE-2017-6180

Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vulnerability affecting goform/formChnUserPwd and goform/formUserMng and the entire set of other pages...

Foxit Reader XFA Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA...

Ninja Forms < 3.0.31 - XSS

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress WordPress plugin was affected by a XSS security vulnerability...

Foxit Reader < 8.2.1 Multiple Vulnerabilities

Binary data 9985.prm...

WPS-Forms XXE vulnerability in xlsx parsing

WPS-Forms is an office software. WPS Forms suffers from an XXE vulnerability in xlsx parsing. This allows attackers to exploit the vulnerability to cause the disclosure of sensitive user information as well as a DoS Denial of Service on the user's system...

U.S. Dept Of Defense: Content-Injection/XSS ████

Summary: Hi, It is possible to inject content and vulnerable to reflected Cross Site Scripting. Affected domain: https://██████████ Used browser: Mozilla. Impact One of the most common XSS attack vectors is to hijack legitimate user accounts by stealing their session cookies. This allows attacker...

IBM Forms Experience Builder Server-Side Request Forgery Security Bypass Vulnerability

IBM Forms Experience Builder is a set of U.S. IBM's Web forms for creating Web site applications. A server-side request forgery vulnerability exists in IBM Forms Experience Builder versions 8.5, 8.5.1, and 8.6. An attacker could exploit this vulnerability to obtain information about internal...

UBUNTU-CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...

CVE-2016-6175

Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header...