ReportizFlow
Filtered by vendor Docuform
Subscriptions
Filtered by product Docuform
Subscriptions
Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-65418 | 1 Docuform | 1 Docuform | 2026-05-13 | 7.5 High |
| docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url. | ||||
| CVE-2025-61313 | 1 Docuform | 1 Docuform | 2026-05-12 | 7.3 High |
| A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_markeralerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61305 | 1 Docuform | 1 Docuform | 2026-05-12 | 6.1 Medium |
| A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_firmware.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61306 | 1 Docuform | 1 Docuform | 2026-05-12 | 6.1 Medium |
| A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_coveragealerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61307 | 1 Docuform | 1 Docuform | 2026-05-12 | 6.1 Medium |
| A reflected cross-site scripted (XSS) vulnerability in the acc-menu_papers.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61308 | 1 Docuform | 1 Docuform | 2026-05-12 | 6.1 Medium |
| A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_maintenance.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61309 | 1 Docuform | 1 Docuform | 2026-05-12 | 6.1 Medium |
| A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_departments.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61310 | 1 Docuform | 1 Docuform | 2026-05-12 | 6.1 Medium |
| A reflected cross-site scripted (XSS) vulnerability in the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61311 | 1 Docuform | 1 Docuform | 2026-05-12 | 7.3 High |
| A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_alerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61312 | 1 Docuform | 1 Docuform | 2026-05-12 | 7.3 High |
| A reflected cross-site scripted (XSS) vulnerability in the acc-menu_pricess.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-61314 | 1 Docuform | 1 Docuform | 2026-05-12 | 7.3 High |
| A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_orderopt.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value. | ||||
| CVE-2025-65415 | 1 Docuform | 1 Docuform | 2026-05-12 | 5.4 Medium |
| docuFORM Managed Print Service Client 11.11c is vulnerable to a session fixation attack via the login page of the application. | ||||
| CVE-2025-65416 | 1 Docuform | 1 Docuform | 2026-05-12 | 6.3 Medium |
| docuFORM Managed Print Service Client 11.11c is vulnerable to arbitrary file upload via pmupdate.php. | ||||
| CVE-2025-65417 | 1 Docuform | 1 Docuform | 2026-05-12 | 6.1 Medium |
| docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application. | ||||
Page 1 of 1.