Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2013-0161
Havalite CMS 1.1.7 has a stored XSS vulnerability
Havalite Havalite 1.1.7
1 EDB exploit
6
CVSSv2
CVE-2007-0399
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Simple Machines Forum (SMF) 1.1 RC3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) recipient or (2) BCC field when selecting send in a pm action.
Simple Machines Simple Machines Forum 1.1 Rc3
1 EDB exploit
4.3
CVSSv2
CVE-2003-1031
Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote malicious users to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation."
1 EDB exploit
5
CVSSv2
CVE-2002-1429
Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote malicious users to inject arbitrary HTML into the shoutbox page via the site parameter.
Endity.com Shoutbox 1.2
1 EDB exploit
NA
CVE-2023-0493
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver before 1.7.5.
Btcpayserver Btcpay Server
4.3
CVSSv2
CVE-2002-1802
Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news.
Xoops Xoops 1.0 Rc3
1 EDB exploit
4.3
CVSSv2
CVE-2005-3412
Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows remote malicious users to inject arbitrary web script or HTML via a Post Reply to a topic, in which the reply contains a javascript: URL in an <img> tag.
Elite Forum Elite Forum 1.0.0.0
1 EDB exploit
4.3
CVSSv2
CVE-2007-1905
Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via encoded special characters in the forward_to parameter, as demonstrated using "&l...
Pineapple Technologies Quizshock
1 EDB exploit
4.3
CVSSv2
CVE-2015-7242
Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS prior to 6.30 allows remote malicious users to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.
Avm Fritz! Os
6.4
CVSSv2
CVE-2006-2252
Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Openfaq Openfaq 0.4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »