Web-Dorado Form Maker vulnerabilities
2 known vulnerabilities affecting web-dorado/form_maker.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2018-5991P2CRITICALCVSS 9.8PoCv3.6.122018-02-17
CVE-2018-5991 [CRITICAL] CVE-2018-5991: SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to paramete
SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.
nvd
CVE-2018-10504P3HIGHCVSS 7.8PoCfixed in 1.12.242018-04-27
CVE-2018-10504 [HIGH] CWE-1236 CVE-2018-10504: The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.
The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.
nvd