econosys system

2 exploits Active since Feb 2022
CVE-2022-21805 WRITEUP MEDIUM STUB
php_mailform < 1.4.0 - Unauthenticated Reflected Cross-Site Scripting via Attached File Name
Reflected cross-site scripting vulnerability in the attached file name of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.
CVSS 6.1
CVE-2022-22142 WRITEUP MEDIUM WORKING POC
php_mailform < 1.4.0 - Unauthenticated Reflected Cross-Site Scripting via Checkbox
Reflected cross-site scripting vulnerability in the checkbox of php_mailform versions prior to Version 1.40 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.
CVSS 6.1