Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-equiv vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2012-2586
Multiple cross-site scripting (XSS) vulnerabilities in Mailtraq 2.17.3.3150 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message subject with (1) a JavaScript alert function used in conjunction with the fromCharCode method or (2) a SCRIPT elem...
Mailtraq Mailtraq 2.17.3.3150
1 EDB exploit
828
VMScore
CVE-2007-3150
Google Desktop allows user-assisted remote malicious users to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, w...
Google Desktop
435
VMScore
CVE-2012-2590
Multiple cross-site scripting (XSS) vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted SRC attribute of an IFRAME element, (3) a cr...
E-supportportal Escon Supportportal 3.0
1 EDB exploit
435
VMScore
CVE-2012-2571
Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Server 3.8.1.6 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS exp...
Winwebmail Winwebmail Server 3.8.1.6
1 EDB exploit
NA
CVE-2024-0781
A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_client_signup.php. The manipulation of the argument Client Full Name with the input <meta http-equiv="refresh" con...
Martmbithi Internet Banking System 1.0
435
VMScore
CVE-2012-2582
Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) Help Desk 2.4.x prior to 2.4.13, 3.0.x prior to 3.0.15, and 3.1.x prior to 3.1.9, and OTRS ITSM 2.1.x prior to 2.1.5, 3.0.x prior to 3.0.6, and 3.1.x prior to 3.1.6, allow remote malicious us...
Otrs Otrs 2.4.0
Otrs Otrs 2.4.9
Otrs Otrs 2.4.4
Otrs Otrs 2.4.3
Otrs Otrs 2.4.2
Otrs Otrs 2.4.10
Otrs Otrs 2.4.6
Otrs Otrs 2.4.5
Otrs Otrs 2.4.11
Otrs Otrs 2.4.1
Otrs Otrs 2.4.8
Otrs Otrs 2.4.7
Otrs Otrs 2.4.12
Otrs Otrs 3.0.0
Otrs Otrs 3.0.3
Otrs Otrs 3.0.2
Otrs Otrs 3.0.11
Otrs Otrs 3.0.12
Otrs Otrs 3.0.4
Otrs Otrs 3.0.7
Otrs Otrs 3.0.6
Otrs Otrs 3.0.10
1 EDB exploit
828
VMScore
CVE-2010-3775
Mozilla Firefox prior to 3.5.16 and 3.6.x prior to 3.6.13, and SeaMonkey prior to 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote malicious users to start processes, read arbitrary local files, and estab...
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.11
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1
NA
CVE-2022-3033
If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunder...
Mozilla Thunderbird
578
VMScore
CVE-2021-30117
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agen...
Kaseya Vsa
755
VMScore
CVE-2005-0053
Internet Explorer 5.01, 5.5, and 6 allows remote malicious users to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Microsoft Ie 6.0
Microsoft Windows 2000
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows Me
Microsoft Windows 98
Microsoft Windows 98se
Microsoft Windows 2003 Server R2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »