Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-3308
Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) name or (2) comment parameter in detail.php, (3) the username parameter in get.php, and (4) the search parameter in index.php.
Zomplog Zomplog 3.3
Zomplog Zomplog 3.4
1 EDB exploit
4.3
CVSSv2
CVE-2014-4925
Cross-site scripting (XSS) vulnerability in Good for Enterprise for Android 2.8.0.398 and 1.9.0.40.
Good Good For Enterprise 1.9.0.40
Good Good For Enterprise 2.8.0.398
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.30
Davethewebguy Battle Blog 1.25
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2006-1157
Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.
Adp Adp Forum
1 EDB exploit
4.3
CVSSv2
CVE-2004-2475
Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote malicious users to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross pr...
Google Toolbar 1.1.42
Google Toolbar 1.1.43
Google Toolbar 1.1.54
Google Toolbar 1.1.55
Google Toolbar 2.0.114.1
Google Toolbar 1.1.47
Google Toolbar 1.1.48
Google Toolbar 1.1.58
Google Toolbar 1.1.59
Google Toolbar 1.1.44
Google Toolbar 1.1.45
Google Toolbar 1.1.56
Google Toolbar 1.1.57
Google Toolbar 1.1.41
Google Toolbar 1.1.49
Google Toolbar 1.1.53
Google Toolbar 1.1.60
1 EDB exploit
NA
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.
Phpjabbers Availability Booking Calendar 5.0
6.8
CVSSv2
CVE-2003-0283
Cross-site scripting (XSS) vulnerability in Phorum prior to 3.4.3 allows remote malicious users to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail.
Phorum Phorum
1 EDB exploit
4.3
CVSSv2
CVE-2005-0829
Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote malicious users to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters.
Php Fusion Php Fusion 5.01
1 EDB exploit
4.3
CVSSv2
CVE-2003-1453
Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 up to and including 1.3.9 and XOOPS 2.0 up to and including 2.0.1 allows remote malicious users to inject arbitrary web script or HTML via a javascript: URL in an IMG tag.
Xoops Xoops 2.0.1
Xoops Xoops 1.3.9
Xoops Xoops 2.0
Xoops Xoops 1.3.5
Xoops Xoops 1.3.6
Xoops Xoops 1.3.7
Xoops Xoops 1.3.8
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »