Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-equiv vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2586
Multiple cross-site scripting (XSS) vulnerabilities in Mailtraq 2.17.3.3150 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message subject with (1) a JavaScript alert function used in conjunction with the fromCharCode method or (2) a SCRIPT elem...
Mailtraq Mailtraq 2.17.3.3150
1 EDB exploit
NA
CVE-2012-2590
Multiple cross-site scripting (XSS) vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted SRC attribute of an IFRAME element, (3) a cr...
E-supportportal Escon Supportportal 3.0
1 EDB exploit
NA
CVE-2007-3150
Google Desktop allows user-assisted remote malicious users to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, w...
Google Desktop
NA
CVE-2012-2571
Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Server 3.8.1.6 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS exp...
Winwebmail Winwebmail Server 3.8.1.6
1 EDB exploit
6.1
CVSSv3
CVE-2024-0781
A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_client_signup.php. The manipulation of the argument Client Full Name with the input <meta http-equiv="refresh" con...
Martmbithi Internet Banking System 1.0
NA
CVE-2012-2582
Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) Help Desk 2.4.x prior to 2.4.13, 3.0.x prior to 3.0.15, and 3.1.x prior to 3.1.9, and OTRS ITSM 2.1.x prior to 2.1.5, 3.0.x prior to 3.0.6, and 3.1.x prior to 3.1.6, allow remote malicious us...
Otrs Otrs 2.4.0
Otrs Otrs 2.4.9
Otrs Otrs 2.4.4
Otrs Otrs 2.4.3
Otrs Otrs 2.4.2
Otrs Otrs 2.4.10
Otrs Otrs 2.4.6
Otrs Otrs 2.4.5
Otrs Otrs 2.4.11
Otrs Otrs 2.4.1
Otrs Otrs 2.4.8
Otrs Otrs 2.4.7
Otrs Otrs 2.4.12
Otrs Otrs 3.0.0
Otrs Otrs 3.0.3
Otrs Otrs 3.0.2
Otrs Otrs 3.0.11
Otrs Otrs 3.0.12
Otrs Otrs 3.0.4
Otrs Otrs 3.0.7
Otrs Otrs 3.0.6
Otrs Otrs 3.0.10
1 EDB exploit
NA
CVE-2010-3775
Mozilla Firefox prior to 3.5.16 and 3.6.x prior to 3.6.13, and SeaMonkey prior to 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote malicious users to start processes, read arbitrary local files, and estab...
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.11
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1
8.1
CVSSv3
CVE-2022-3033
If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunder...
Mozilla Thunderbird
8.8
CVSSv3
CVE-2021-30117
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agen...
Kaseya Vsa
NA
CVE-2024-20405
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote malicious user to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »