Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htmly htmly vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-33354
Directory Traversal vulnerability in htmly prior to 2.8.1 allows remote malicious users to perform arbitrary file deletions via modified file parameter.
Htmly Htmly
5.4
CVSSv3
CVE-2022-1087
A vulnerability, which was classified as problematic, has been found in htmly 5.3 whis affects the component Edit Profile Module. The manipulation of the field Title with script tags leads to persistent cross site scripting. The attack may be initiated remotely and requires an au...
Htmly Htmly -
6.5
CVSSv3
CVE-2020-23766
An arbitrary file deletion vulnerability exists on htmly v2.7.5 which allows remote malicious users to use any absolute path to delete any file in the server should they gain Administrator privileges.
Htmly Htmly 2.7.5
8.1
CVSSv3
CVE-2021-40285
htmly v2.8.1 exists to contain an arbitrary file deletion vulnerability via the component \views\backup.html.php.
Htmly Htmly 2.8.1
5.4
CVSSv3
CVE-2022-25022
A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows malicious users to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post.
Htmly Htmly 2.8.1
9.1
CVSSv3
CVE-2021-36701
In htmly version 2.8.1, is vulnerable to an Arbitrary File Deletion on the local host when delete backup files. The vulnerability may allow a remote malicious user to delete arbitrary know files on the host.
Htmly Htmly 2.8.1
6.1
CVSSv3
CVE-2019-8349
Multiple cross-site scripting (XSS) vulnerabilities in HTMLy 2.7.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) destination parameter to delete feature; the (2) destination parameter to edit feature; (3) content parameter in the profile feature.
Htmly Htmly 2.7.4
6.1
CVSSv3
CVE-2021-36702
The "content" field in the "regular post" page of the "add content" menu under "dashboard" in htmly 2.8.1 has a storage cross site scripting (XSS) vulnerability. It allows remote malicious users to send authenticated post-http requests to a...
Htmly Htmly 2.8.1
6.1
CVSSv3
CVE-2021-36703
The "blog title" field in the "Settings" menu "config" page of "dashboard" in htmly 2.8.1 has a storage cross site scripting (XSS) vulnerability. It allows remote malicious users to send an authenticated post HTTP request to admin/config an...
Htmly Htmly 2.8.1
5.4
CVSSv3
CVE-2021-30637
htmly 2.8.0 allows stored XSS via the blog title, Tagline, or Description to config.html.php.
Htmly Htmly 2.8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »