Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2004-2574
Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction.
Phpgroupware Phpgroupware
Phpgroupware Phpgroupware 0.9.16.000
Phpgroupware Phpgroupware 0.9.16.003
Phpgroupware Phpgroupware 0.9.16.002
1 EDB exploit
4.3
CVSSv2
CVE-2002-2424
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote malicious users to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag.
Ekilat Llc Php(reactor) 1.27pl1
1 EDB exploit
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2004-1735
Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and previous versions allows remote authenticated users to inject arbitrary web script or HTML via the description field.
Sympa Sympa 4.1.1
Sympa Sympa 4.0
Sympa Sympa 4.1.2
Sympa Sympa 4.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-3685
Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote malicious users to inject arbitrary web script or HTML via the UserName parameter.
Virtual Programming Vp-asp 5.50
1 EDB exploit
4.3
CVSSv2
CVE-2006-4308
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote malicious users to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) ...
Blackboard Blackboard Learning And Community Portal Suite 6.2.3.23
Blackboard Blackboard 6.0
Blackboard Blackboard Learning And Community Portal Suite 6.0
Blackboard Vista 4
1 EDB exploit
4.3
CVSSv2
CVE-2008-3758
Multiple cross-site scripting (XSS) vulnerabilities in Lussumo Vanilla 1.1.4 and previous versions (1) allow remote malicious users to inject arbitrary web script or HTML via the NewPassword parameter to people.php, and allow remote authenticated users to inject arbitrary web scr...
Lussumo Vanilla 1.1.2
Lussumo Vanilla 1.0.2
Lussumo Vanilla 1.1
Lussumo Vanilla
Lussumo Vanilla 1.1.3
Lussumo Vanilla 1.0.1
Lussumo Vanilla 1
Lussumo Vanilla 1.0.3
Lussumo Vanilla 0.9.2
Lussumo Vanilla 1.1.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-0829
Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote malicious users to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters.
Php Fusion Php Fusion 5.01
1 EDB exploit
4.3
CVSSv2
CVE-2006-0783
Cross-site scripting (XSS) vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote malicious users to inject arbitrary web script or HTML via the comment_text parameter to the user comment page (/edit/Comment).
Siteframe Siteframe Beaumont 5.0.2
Siteframe Siteframe Beaumont 5.0.1
Siteframe Siteframe Beaumont 5.0.1a
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
8
9
10
NEXT »