Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-5759
Cross-site scripting (XSS) vulnerability in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allows remote malicious users to inject arbitrary web script or HTML via the name parameter in an updaterecord action to index.php in the 08_Files module. NOTE: the provenance of this information i...
Flatnux Flatnux 2008-12-11
1 EDB exploit
4.3
CVSSv2
CVE-2003-1278
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote malicious users to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
Infopop Opentopic 2.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.30
Davethewebguy Battle Blog 1.25
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2004-1735
Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the description field.
Sympa Sympa 4.1
Sympa Sympa 4.1.1
Sympa Sympa 4.1.2
Sympa Sympa 4.0
1 EDB exploit
4.3
CVSSv2
CVE-2002-1453
Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote malicious users to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error message.
Mywebserver Mywebserver 1.0.2
1 EDB exploit
NA
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.
Phpjabbers Availability Booking Calendar 5.0
6.8
CVSSv2
CVE-2003-0283
Cross-site scripting (XSS) vulnerability in Phorum prior to 3.4.3 allows remote malicious users to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail.
Phorum Phorum
1 EDB exploit
5.8
CVSSv2
CVE-2006-1979
Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote malicious users to inject arbitrary web script or HTML via the homepage parameter.
Manic Web Mwguest 2.1.0
1 EDB exploit
4.3
CVSSv2
CVE-2007-3991
Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp cvmatik 1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) Adiniz (Ady), (2) Soyadiniz (Soyady), (3) Ehliyet, (4) Askerlik, and (5) GSM parameters; and poss...
Asp Indir Cvmatik
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »