Aggregates CVE and security vulnerability intelligence across all synck-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling and vendor risk denial of service, with potential vendor impact file overwrite across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-41441 | Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature. | [email protected] | 6.3 | 0.06% | 2025-05-26 | 2025-06-03 |
| CVE-2023-32610 | Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition. | [email protected] | 7.5 | 0.78% | 2023-06-29 | 2024-11-21 |
| CVE-2022-38400 | Mailform Pro CGI 4.3.1 and earlier allow a remote unauthenticated attacker to obtain the user input data by having a use of the product to access a specially crafted URL. | [email protected] | 5.9 | 0.28% | 2022-09-08 | 2024-11-21 |