Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-7242
Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS prior to 6.30 allows remote malicious users to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.
Avm Fritz\\! Os
NA
CVE-2015-3935
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.5 and 3.6 allow remote malicious users to inject arbitrary web script or HTML via the Business Search (search_nom) field to (1) htdocs/societe/societe.php or (2) htdocs/societe/admin/societe.php.
Dolibarr Dolibarr 3.6.0
Dolibarr Dolibarr 3.5.0
8.8
CVSSv3
CVE-2023-0493
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver before 1.7.5.
Btcpayserver Btcpay Server
NA
CVE-2009-4939
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdPeeps 8.5d1 allow remote malicious users to inject arbitrary web script or HTML via the (1) uid parameter, (2) uid parameter in a login_lookup action, (3) uid parameter in an adminlogin action, (4) campaignid p...
Impactsoftcompany Adpeeps 8.5
2 EDB exploits
NA
CVE-2010-4963
SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote malicious users to execute arbitrary SQL commands via the order_by parameter.
Hulihanapplications Hulihan Bxr 0.6.8
1 EDB exploit
NA
CVE-2006-0733
Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote malicious users to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher&...
Wordpress Wordpress 2.0
1 EDB exploit
NA
CVE-2006-0933
Cross-site scripting (XSS) vulnerability in PHPX 3.5.9 allows remote malicious users to inject arbitrary web script or HTML via a javascript URI in a url XCode tag in a posted message. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Phpx Phpx 3.5.9
1 EDB exploit
NA
CVE-2007-5411
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the From header in a SIP message.
Linksys Spa941
1 EDB exploit
NA
CVE-2005-2276
Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote malicious users to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag.
Novell Groupwise Webaccess 6.5
Novell Groupwise Webaccess 6.0
1 EDB exploit
NA
CVE-2005-1076
Cross-site scripting (XSS) vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote malicious users to inject arbitrary web script or HTML via the message field.
Webct Webct Campus 4.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »