Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-1420
A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote malicious user to modify a web page in the context of a user's browser. The vulnerability is due to improper checks on parameter values in affected pages. An attacker could ex...
Cisco Webex Meetings -
4.3
CVSSv2
CVE-2004-2038
Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote malicious users to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php.
Neocrome Land Down Under 700.01
Neocrome Land Down Under 700.02
Neocrome Land Down Under 601
Neocrome Land Down Under 602
Neocrome Land Down Under
1 EDB exploit
4.3
CVSSv2
CVE-2003-1278
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote malicious users to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
Infopop Opentopic 2.3.1
1 EDB exploit
4.3
CVSSv2
CVE-2014-4925
Cross-site scripting (XSS) vulnerability in Good for Enterprise for Android 2.8.0.398 and 1.9.0.40.
Good Good For Enterprise 1.9.0.40
Good Good For Enterprise 2.8.0.398
4.3
CVSSv2
CVE-2010-2154
Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote malicious users to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information.
Cmscout Cmscout 2.09
1 EDB exploit
4.3
CVSSv2
CVE-2008-1873
Cross-site scripting (XSS) vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje paramet...
Tru-zone Nukeet 3.4
Tru-zone Nukeet 3.2
1 EDB exploit
4.3
CVSSv2
CVE-2005-3308
Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) name or (2) comment parameter in detail.php, (3) the username parameter in get.php, and (4) the search parameter in index.php.
Zomplog Zomplog 3.3
Zomplog Zomplog 3.4
1 EDB exploit
4.3
CVSSv2
CVE-2006-0443
Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog 1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) realname and (2) comment parameters, or (3) via a javascript URI in the url parameter, when adding a comment.
Cheesyblog Cheesyblog 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2003-0295
Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote malicious users to inject arbitrary web script and HTML via the "Preview Message" capability.
Jelsoft Vbulletin 3.0.0 Beta 2
1 EDB exploit
4.3
CVSSv2
CVE-2005-0818
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
Punbb Punbb 1.2.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »