Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web frontend vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29929
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce allows Stored XSS.This issue affects WCFM – Frontend Manager for WooCommerce: from n/a up to and including...
NA
CVE-2021-31740
SEPPMail's web frontend, user input is not embedded correctly in the web page and therefore leads to cross-site scripting vulnerabilities (XSS).
Seppmail Seppmail -
4.3
CVSSv2
CVE-2008-0877
Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media Jukebox 2.7.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) frontend, (2) set_frontend, (3) jz_path, (4) theme, and (5) set_theme parameters to (a) index.php; the frontend, them...
Jinzora Media Jukebox 2.7.5
4 EDB exploits
5
CVSSv2
CVE-2022-24790
Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request sta...
Puma Puma
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
4.3
CVSSv2
CVE-2004-0787
Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and previous versions, and 0.9.2 RC6 and previous versions, allows remote malicious users to inject arbitrary web script or HTML via the form input fields.
Openca Openca 0.8.0
Openca Openca 0.9.1
Openca Openca 0.9.1.2
Openca Openca 0.9.1.3
Openca Openca 0.9.1.8
Openca Openca 0.9.1.4
Openca Openca 0.9.0.1
Openca Openca 0.9.1.6
Openca Openca 0.8.1
Openca Openca 0.9.1.5
Openca Openca 0.9.0
Openca Openca 0.9.2 Rc6
Openca Openca 0.9.0.2
Openca Openca 0.8.6
Openca Openca 0.9.1.7
4.3
CVSSv2
CVE-2007-4022
Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/changepro.html in cPanel 10.9.1 allows remote malicious users to inject arbitrary web script or HTML via the resname parameter.
Cpanel Cpanel 10.9.1
1 EDB exploit
4.3
CVSSv2
CVE-2014-100034
Cross-site scripting (XSS) vulnerability in the frontend interface in LicensePal ArcticDesk prior to 1.2.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Licensepal Arcticdesk
4.3
CVSSv2
CVE-2009-4823
Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 up to and including 11.24.7 allows remote malicious users to inject arbitrary web script or HTML via the fileop parameter.
Cpanel Cpanel 11.0
Cpanel Cpanel 11.18
Cpanel Cpanel 11.4.19
Cpanel Cpanel 11.22
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.16
Cpanel Cpanel 11.18.4
Cpanel Cpanel 11.21
Cpanel Cpanel 11.24
Cpanel Cpanel 11.22.3
Cpanel Cpanel 11.19.3
Cpanel Cpanel 11.18.2
Cpanel Cpanel 11.24.7
1 EDB exploit
3.5
CVSSv2
CVE-2018-20370
SZ NetChat prior to 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend.
The-sz Netchat
4.3
CVSSv2
CVE-2008-1499
Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote malicious users to inject arbitrary web script or HTML via the query string.
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.21
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »