Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3568
Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, or (3) nickname parameters.
Fantastic Guestbook Project Fantastic Guestbook 2.0.1
1 EDB exploit
NA
CVE-2005-2855
Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote malicious users to inject arbitrary web script or HTML via the description field.
Unclassified Newsboard Unclassified Newsboard 1.5.3
1 EDB exploit
NA
CVE-2003-1278
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote malicious users to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
Infopop Opentopic 2.3.1
1 EDB exploit
NA
CVE-2006-0933
Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote malicious users to inject arbitrary web script or HTML via a javascript URI in a url XCode tag in a posted message. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Phpx Phpx 3.5.9
1 EDB exploit
NA
CVE-2006-4449
Cross-site scripting (XSS) vulnerability in attachment.php in MyBulletinBoard (MyBB) 1.1.7 and possibly other versions allows remote malicious users to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript, which is rendered by Internet Explorer...
Mybulletinboard Mybulletinboard 1.1.7
1 EDB exploit
NA
CVE-2007-1229
Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote malicious users to inject arbitrary web script or HTML via the top-level URI on the Incoming interface (port 8001/tcp), which is not properly handled in the administrator interface when v...
Nullsoft Shoutcast Server 1.9.7
1 EDB exploit
NA
CVE-2007-1678
Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension for Firefox allows remote malicious users to inject arbitrary web script or HTML via RSS feeds, which are executed by the chrome: URI handler.
Fizzle Fizzle 0.5
1 EDB exploit
NA
CVE-2004-2038
Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote malicious users to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php.
Neocrome Land Down Under
Neocrome Land Down Under 601
Neocrome Land Down Under 602
Neocrome Land Down Under 700.01
Neocrome Land Down Under 700.02
1 EDB exploit
NA
CVE-2005-0818
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
Punbb Punbb 1.2.3
1 EDB exploit
NA
CVE-2002-1493
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote malicious users to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
Lycos Htmlgear Guestgear
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »