Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2009-1070
Cross-site scripting (XSS) vulnerability in system/index.php in ExpressionEngine 1.6.4 up to and including 1.6.6, and possibly earlier versions, allows remote malicious users to inject arbitrary web script or HTML via the avatar parameter.
Expressionengine Expressionengine 1.6.4
Expressionengine Expressionengine 1.6.5
Expressionengine Expressionengine 1.6.6
1 EDB exploit
383
VMScore
CVE-2014-4925
Cross-site scripting (XSS) vulnerability in Good for Enterprise for Android 2.8.0.398 and 1.9.0.40.
Good Good For Enterprise 1.9.0.40
Good Good For Enterprise 2.8.0.398
435
VMScore
CVE-2006-0443
Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog 1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) realname and (2) comment parameters, or (3) via a javascript URI in the url parameter, when adding a comment.
Cheesyblog Cheesyblog 1.0
1 EDB exploit
265
VMScore
CVE-2006-0733
Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote malicious users to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher&...
Wordpress Wordpress 2.0
1 EDB exploit
435
VMScore
CVE-2010-2154
Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote malicious users to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information.
Cmscout Cmscout 2.09
1 EDB exploit
435
VMScore
CVE-2007-1678
Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension for Firefox allows remote malicious users to inject arbitrary web script or HTML via RSS feeds, which are executed by the chrome: URI handler.
Fizzle Fizzle 0.5
1 EDB exploit
435
VMScore
CVE-2004-2574
Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the date parameter in a calendar.uicalendar.planner menuaction.
Phpgroupware Phpgroupware 0.9.16.000
Phpgroupware Phpgroupware 0.9.16.002
Phpgroupware Phpgroupware 0.9.16.003
Phpgroupware Phpgroupware
1 EDB exploit
436
VMScore
CVE-2017-6782
A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote malicious user to modify a page in the web interface of the affected application. The vulnerability is due to improper sanitization of parameter values by the af...
Cisco Prime Infrastructure 3.2\\(0.0\\)
435
VMScore
CVE-2005-1076
Cross-site scripting (XSS) vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote malicious users to inject arbitrary web script or HTML via the message field.
Webct Webct Campus 4.1
1 EDB exploit
435
VMScore
CVE-2006-5712
Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows remote malicious users to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated using the width style for an IMG element.
Mirapoint Mirapoint Webmail
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »