Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-0933
Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote malicious users to inject arbitrary web script or HTML via a javascript URI in a url XCode tag in a posted message. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Phpx Phpx 3.5.9
1 EDB exploit
4.3
CVSSv2
CVE-2006-0443
Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog 1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) realname and (2) comment parameters, or (3) via a javascript URI in the url parameter, when adding a comment.
Cheesyblog Cheesyblog 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.30
Davethewebguy Battle Blog 1.25
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
NA
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-3184
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=save. The manipulation of the argument firstname/middlename/lastname/username l...
Sales Tracker Management System Project Sales Tracker Management System 1.0
4.3
CVSSv2
CVE-2007-0768
Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! Messenger 8.1.0.209 and previous versions allow user-assisted remote malicious users to inject arbitrary web script or HTML via a javascript: URI in the SRC attribute of an IMG elem...
Yahoo Messenger
1 EDB exploit
2.6
CVSSv2
CVE-2009-0455
Cross-site scripting (XSS) vulnerability in the anonymous comments feature in lib-comment.php in glFusion 1.1.0, 1.1.1, and previous versions versions allows remote malicious users to inject arbitrary web script or HTML via the username parameter to comment.php.
Glfusion Glfusion 1.1.0
Glfusion Glfusion
1 EDB exploit
7.5
CVSSv2
CVE-2002-0959
Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote malicious users to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script.
Splatt Splatt Forum 3.0
1 EDB exploit
4.3
CVSSv2
CVE-2005-1077
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote malicious users to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
Xampp Apache Distribution 0.3
Xampp Apache Distribution 1.4.1
Xampp Apache Distribution 1.4.3
Xampp Apache Distribution 1.4.4
Xampp Apache Distribution 1.4.5
Xampp Apache Distribution 1.4.11
Xampp Apache Distribution 1.4.12
Xampp Apache Distribution 1.4.8
Xampp Apache Distribution 1.4.9
Xampp Apache Distribution 0.1
Xampp Apache Distribution 0.2
Xampp Apache Distribution 1.4.13
Xampp Apache Distribution 1.4.2
Xampp Apache Distribution 1.4.10
Xampp Apache Distribution 1.4.10a
Xampp Apache Distribution 1.4.6
Xampp Apache Distribution 1.4.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »