Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2002-1493
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote malicious users to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
Lycos Htmlgear Guestgear
1 EDB exploit
4.3
CVSSv2
CVE-2005-0818
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
Punbb Punbb 1.2.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2007-2718
Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and previous versions, when using Microsoft Internet Explorer, allows remote malicious users to inject arbitrary web script or HTML via crafted STYLE tags.
Microsoft Internet Explorer
Stalker Communigate Pro
1 EDB exploit
4.3
CVSSv2
CVE-2006-0361
Cross-site scripting (XSS) vulnerability in addcomment.php in Bit 5 Blog 8.01 allows remote malicious users to inject arbitrary web script or HTML via a javascript URI in an <a> tag in the comment parameter, which strips most tags but not <a>.
Bit 5 Blog Bit 5 Blog 8.01
1 EDB exploit
4.3
CVSSv2
CVE-2006-0783
Cross-site scripting (XSS) vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote malicious users to inject arbitrary web script or HTML via the comment_text parameter to the user comment page (/edit/Comment).
Siteframe Siteframe Beaumont 5.0.2
Siteframe Siteframe Beaumont 5.0.1
Siteframe Siteframe Beaumont 5.0.1a
1 EDB exploit
4.3
CVSSv2
CVE-2005-3685
Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote malicious users to inject arbitrary web script or HTML via the UserName parameter.
Virtual Programming Vp-asp 5.50
1 EDB exploit
4.3
CVSSv2
CVE-2009-4767
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Plohni Shoutbox 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) input_name and (2) input_text parameters. NOTE: some of these details are obtained from third party information.
Plohni Shoutbox 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2003-1453
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 up to and including 1.3.9 and XOOPS 2.0 up to and including 2.0.1 allows remote malicious users to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
Xoops Xoops 1.3.6
Xoops Xoops 1.3.5
Xoops Xoops 1.3.9
Xoops Xoops 2.0.1
Xoops Xoops 1.3.7
Xoops Xoops 2.0
Xoops Xoops 1.3.8
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6280
CVE-2024-5346
CVE-2024-30078
CVE-2022-45803
CVE-2024-36886
SQL
CVE-2024-24553
IMAP
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
9
10
NEXT »