Machform: >> Machform >> 4.2.3 Security Vulnerabilities
An issue was discovered in Appnitro MachForm before 4.2.3. There is a download.php SQL injection via the q parameter.
CVSS Score
9.8
EPSS Score
0.072
Published
2018-05-26
An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection.
CVSS Score
9.8
EPSS Score
0.104
Published
2018-05-26
Page 2