Skip to main content

Proforms

2 CVEs product

Monthly

CVE-2023-40655 MEDIUM This Month

A reflected XSS vulnerability was discovered in the Proforms Basic component for Joomla. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Proforms
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-34476 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Proforms
NVD
CVSS 3.1
9.8
EPSS
0.5%
EPSS 0% CVSS 6.1
MEDIUM This Month

A reflected XSS vulnerability was discovered in the Proforms Basic component for Joomla. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Proforms
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Proforms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy