Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-1076
Cross-site scripting (XSS) vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote malicious users to inject arbitrary web script or HTML via the message field.
Webct Webct Campus 4.1
1 EDB exploit
4.3
CVSSv2
CVE-2006-1131
Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via the comment_title parameter.
Bitweaver Bitweaver 1.2.1
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.30
Davethewebguy Battle Blog 1.25
1 EDB exploit
4.3
CVSSv2
CVE-2003-1453
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 up to and including 1.3.9 and XOOPS 2.0 up to and including 2.0.1 allows remote malicious users to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
Xoops Xoops 2.0.1
Xoops Xoops 1.3.9
Xoops Xoops 2.0
Xoops Xoops 1.3.5
Xoops Xoops 1.3.6
Xoops Xoops 1.3.7
Xoops Xoops 1.3.8
1 EDB exploit
4.3
CVSSv2
CVE-2008-6200
Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the query string and (2) a new wiki entry.
Wiki Swiki 1.5
1 EDB exploit
4.3
CVSSv2
CVE-2007-0768
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and previous versions allow user-assisted remote malicious users to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG elem...
Yahoo Messenger
1 EDB exploit
6.8
CVSSv2
CVE-2003-0283
Cross-site scripting (XSS) vulnerability in Phorum prior to 3.4.3 allows remote malicious users to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail.
Phorum Phorum
1 EDB exploit
2.6
CVSSv2
CVE-2009-0455
Cross-site scripting (XSS) vulnerability in the anonymous comments feature in lib-comment.php in glFusion 1.1.0, 1.1.1, and previous versions versions allows remote malicious users to inject arbitrary web script or HTML via the username parameter to comment.php.
Glfusion Glfusion 1.1.0
Glfusion Glfusion
1 EDB exploit
5.1
CVSSv2
CVE-2005-4460
Cross-site scripting (XSS) vulnerability in Beehive Forum 0.6.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) Name, (2) Description, and (3) Comment fields to (a) links.php and (b) links_add.php.
Beehive Forum Beehive Forum 0.2
Beehive Forum Beehive Forum 0.3
Beehive Forum Beehive Forum 0.3.1
Beehive Forum Beehive Forum 0.4
Beehive Forum Beehive Forum 0.1
Beehive Forum Beehive Forum 0.1.1
Beehive Forum Beehive Forum 0.6rc1
Beehive Forum Beehive Forum 0.6rc2
Beehive Forum Beehive Forum 0.5
Beehive Forum Beehive Forum 0.6.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »