Vulnerabilities > Jqueryform > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-02-16 CVE-2022-24984 Unrestricted Upload of File with Dangerous Type vulnerability in Jqueryform
Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow remote unauthenticated attackers to upload executable files and achieve remote code execution.
network
low complexity
jqueryform CWE-434
critical
9.8
2018-07-13 CVE-2016-9492 Unrestricted Upload of File with Dangerous Type vulnerability in Jqueryform PHP Formmail Generator 20161206
The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to unrestricted upload of dangerous file types.
network
low complexity
jqueryform CWE-434
critical
9.8
2018-07-13 CVE-2016-9483 Deserialization of Untrusted Data vulnerability in Jqueryform PHP Formmail Generator
The PHP form code generated by PHP FormMail Generator deserializes untrusted input as part of the phpfmg_filman_download() function.
network
low complexity
jqueryform CWE-502
critical
9.8
2018-07-13 CVE-2016-9482 Improper Authentication vulnerability in Jqueryform PHP Formmail Generator
Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel
network
low complexity
jqueryform CWE-287
critical
9.8