Vulnerabilities > Jqueryform > Jqueryform
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-16 | CVE-2022-24981 | Cross-site Scripting vulnerability in Jqueryform A reflected cross-site scripting (XSS) vulnerability in forms generated by JQueryForm.com before 2022-02-05 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to admin.php. | 4.3 |
2022-02-16 | CVE-2022-24982 | Insufficiently Protected Credentials vulnerability in Jqueryform Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to access the cleartext credentials of all other form users. | 4.0 |
2022-02-16 | CVE-2022-24983 | Path Traversal vulnerability in Jqueryform Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. | 5.0 |
2022-02-16 | CVE-2022-24984 | Unrestricted Upload of File with Dangerous Type vulnerability in Jqueryform Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow remote unauthenticated attackers to upload executable files and achieve remote code execution. | 6.8 |
2022-02-16 | CVE-2022-24985 | Unspecified vulnerability in Jqueryform Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. | 8.8 |