Atreb92

4 exploits Active since Jul 2024
CVE-2024-37764 NOMISEC MEDIUM WRITEUP
MachForm < 19 - Authenticated Stored Cross-Site Scripting
MachForm up to version 19 is affected by an authenticated stored cross-site scripting.
2 stars
CVSS 5.4
CVE-2024-37762 NOMISEC CRITICAL WRITEUP
MachForm < 21 - Authenticated Unrestricted File Upload leading to Remote Code Execution
MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution.
1 stars
CVSS 9.9
CVE-2024-37763 NOMISEC MEDIUM WRITEUP
MachForm < 19 - Unauthenticated Stored Cross-Site Scripting
MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results.
1 stars
CVSS 5.4
CVE-2024-37765 NOMISEC HIGH WORKING POC
Machform < 19 - Authenticated Blind SQL Injection in User Account Settings Page
Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page.
1 stars
CVSS 8.8