Search Results | AttackerKB

Show filters

Topics 11 Users 9,711

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

11 Total Results

Displaying 1-10 of 11

Attacker Value

Unknown

CVE-2024-22149

Disclosure Date: March 27, 2024 (last updated April 02, 2024)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann CformsII allows Stored XSS.This issue affects CformsII: from n/a through 15.0.5.

0

Attacker Value

Unknown

CVE-2023-52203

Disclosure Date: January 08, 2024 (last updated January 12, 2024)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a through 15.0.5.

Attack Vector: Network Privileges: High User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-25449

Disclosure Date: June 15, 2023 (last updated October 08, 2023)

Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2014-10393

Disclosure Date: August 22, 2019 (last updated November 27, 2024)

The cforms2 plugin before 10.5 for WordPress has XSS.

0

Attacker Value

Unknown

CVE-2014-10392

Disclosure Date: August 22, 2019 (last updated November 27, 2024)

The cforms2 plugin before 10.2 for WordPress has XSS.

0

Attacker Value

Unknown

CVE-2017-18570

Disclosure Date: August 22, 2019 (last updated November 27, 2024)

The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.

0

Attacker Value

Unknown

CVE-2015-9333

Disclosure Date: August 22, 2019 (last updated November 27, 2024)

The cforms2 plugin before 14.6.10 for WordPress has SQL injection.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2017-18559

Disclosure Date: August 21, 2019 (last updated November 27, 2024)

The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2014-10377

Disclosure Date: August 21, 2019 (last updated November 27, 2024)

The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2019-15238

Disclosure Date: August 20, 2019 (last updated November 27, 2024)

The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.

0