CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Machform: >> Machform >> 2.0 Security Vulnerabilities

CVE-2013-4949

Unrestricted file upload vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in the upload form's directory in data/.

CVSS Score

6.8

EPSS Score

0.089

Published

2013-07-29

CVE-2013-4950

Cross-site scripting (XSS) vulnerability in view.php in Machform 2 allows remote attackers to inject arbitrary web script or HTML via the element_2 parameter.

CVSS Score

4.3

EPSS Score

0.037

Published

2013-07-29

Page 2

Vulnerabilities

Vulnerable Software

Machform: >> Machform >> 2.0 Security Vulnerabilities

Products

Pricing

Contact Us