Skip to main content

Mailform Pro Cgi

5 CVEs product

Monthly

CVE-2025-41441 MEDIUM This Month

Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mailform Pro Cgi
NVD
CVSS 4.0
6.3
EPSS
0.1%
CVE-2023-40599 HIGH This Week

Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and earlier, which allows a remote unauthenticated attacker to cause a denial-of-service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mailform Pro Cgi
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-32610 HIGH This Week

Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mailform Pro Cgi
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-38400 MEDIUM POC PATCH This Month

Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a use of the product to access a specially crafted URL. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Mailform Pro Cgi
NVD
CVSS 3.1
5.9
EPSS
1.2%
CVE-2015-0883 MEDIUM This Month

SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Mailform Pro Cgi
NVD
CVSS 2.0
6.8
EPSS
1.6%
EPSS 0% CVSS 6.3
MEDIUM This Month

Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mailform Pro Cgi
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and earlier, which allows a remote unauthenticated attacker to cause a denial-of-service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mailform Pro Cgi
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mailform Pro Cgi
NVD
EPSS 1% CVSS 5.9
MEDIUM POC PATCH This Month

Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a use of the product to access a specially crafted URL. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Mailform Pro Cgi
NVD
EPSS 2% CVSS 6.8
MEDIUM This Month

SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Mailform Pro Cgi
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy