Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-2154
Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote malicious users to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information.
Cmscout Cmscout 2.09
1 EDB exploit
4.3
CVSSv2
CVE-2006-0409
Cross-site scripting (XSS) vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote malicious users to inject arbitrary web script or HTML via the "Add Comment" field in a comment popup.
Pixelpost Photoblog 1.4.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2006-1157
Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.
Adp Adp Forum
1 EDB exploit
4.3
CVSSv2
CVE-2006-0442
Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in MyBulletinBoard (MyBB) 1.02 allow remote malicious users to inject arbitrary web script or HTML via the (1) notepad parameter in a notepad action and (2) signature parameter in an editsig action. NOTE: These are...
Mybb Mybb 1.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2011-1524
Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) prior to 2.3 allows remote malicious users to inject arbitrary web script or HTML via the username field, as demonstrated by injecting an IFRAME element into the e...
Symantec Liveupdate Administrator 2.2.2
Symantec Liveupdate Administrator 2.1.2
Symantec Liveupdate Administrator 2.1.3
Symantec Liveupdate Administrator 2.1.0
Symantec Liveupdate Administrator
Symantec Liveupdate Administrator 2.2.1
1 EDB exploit
3.5
CVSSv2
CVE-2015-6354
Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4.1.3 and 6.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuv73338.
Cisco Firesight System Software 5.4.1.3
Cisco Firesight System Software 6.0.0
4.3
CVSSv2
CVE-2007-3991
Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp cvmatik 1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) Adiniz (Ady), (2) Soyadiniz (Soyady), (3) Ehliyet, (4) Askerlik, and (5) GSM parameters; and poss...
Asp Indir Cvmatik
1 EDB exploit
4.3
CVSSv2
CVE-2012-5315
Multiple cross-site scripting (XSS) vulnerabilities in php ireport 1.0 allow remote malicious users to inject arbitrary web script or HTML via the message parameter to (1) messages_viewer.php, (2) home.php, or (3) history.php.
Php Ireport Project Php Ireport 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »