Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
htmly htmly vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-8349
Multiple cross-site scripting (XSS) vulnerabilities in HTMLy 2.7.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) destination parameter to delete feature; the (2) destination parameter to edit feature; (3) content parameter in the profile feature.
Htmly Htmly 2.7.4
490
VMScore
CVE-2020-23766
An arbitrary file deletion vulnerability exists on htmly v2.7.5 which allows remote malicious users to use any absolute path to delete any file in the server should they gain Administrator privileges.
Htmly Htmly 2.7.5
385
VMScore
CVE-2021-26929
An XSS issue exists in Horde Groupware Webmail Edition up to and including 5.2.22 (where the Horde_Text_Filter library prior to 2.3.7 is used). The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2h...
Horde Groupware
Debian Debian Linux 9.0
NA
CVE-2024-34191
htmly v2.9.6 exists to contain an arbitrary file deletion vulnerability via the delete_post() function at admin.php. This vulnerability allows malicious users to delete arbitrary files via a crafted request.
NA
CVE-2024-30953
A stored cross-site scripting (XSS) vulnerability in Htmly v2.9.5 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Link Name parameter of Menu Editor module.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2