CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-9483

The PHP form code generated by PHP FormMail Generator deserializes untrusted input as part of the phpfmg_filman_download() function. A remote unauthenticated attacker may be able to use this vulnerability to inject PHP code, or along with CVE-2016-9484 to perform local file inclusion attacks and obtain files from the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/94778
https://www.kb.cert.org/vuls/id/494015
http://www.securityfocus.com/bid/94778
https://www.kb.cert.org/vuls/id/494015

Products affected by CVE-2016-9483

Jqueryform » Php Formmail Generator » Version: N/A

cpe:2.3:a:jqueryform:php_formmail_generator:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9483

Products

Pricing

Contact Us