本ページは synck mailform_pro_cgi に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-41441 | Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature. | [email protected] | 6.3 | 0.06% | 2025-05-26 | 2025-06-03 |
| CVE-2023-32610 | Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition. | [email protected] | 7.5 | 0.78% | 2023-06-29 | 2024-11-21 |
| CVE-2022-38400 | Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a use of the product to access a specially crafted URL. | [email protected] | 5.9 | 0.28% | 2022-09-08 | 2024-11-21 |