Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-11845
An HTML Injection vulnerability has been discovered on the RICOH SP 4510DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.
Ricoh Sp 4510dn Firmware -
NA
CVE-2004-0319
Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote malicious users to execute arbitrary script as other users, as demonstrated using the background:url in a (1) font color or (2) font face argument.
Ezboard Ezboard 7.3u
1 EDB exploit
NA
CVE-2007-5411
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the From header in a SIP message.
Linksys Spa941
1 EDB exploit
NA
CVE-2002-1493
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote malicious users to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
Lycos Htmlgear Guestgear
1 EDB exploit
NA
CVE-2003-0295
Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote malicious users to inject arbitrary web script and HTML via the "Preview Message" capability.
Jelsoft Vbulletin 3.0.0 Beta 2
1 EDB exploit
NA
CVE-2005-0818
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
Punbb Punbb 1.2.3
1 EDB exploit
NA
CVE-2005-0863
Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows remote malicious users to inject arbitrary web script or HTML via (1) the chatter parameter to regulars.php or (2) the chatter, chatter1, chatter2, chatter3, or chatter4 parameters to register.php.
Phpopenchat Phpopenchat 3.0.0
Phpopenchat Phpopenchat 3.0.1
Phpopenchat Phpopenchat 3.0.2
1 EDB exploit
NA
CVE-2010-2154
Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote malicious users to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information.
Cmscout Cmscout 2.09
1 EDB exploit
NA
CVE-2008-1873
Cross-site scripting (XSS) vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje paramet...
Tru-zone Nukeet 3.4
Tru-zone Nukeet 3.2
1 EDB exploit
NA
CVE-2007-0896
Cross-site scripting (XSS) vulnerability in the (1) Sage prior to 1.3.10, and (2) Sage++ extensions for Firefox, allows remote malicious users to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerab...
Mozilla Firefox
Sage Sage 1.3.6
Sage Sage
Sage Sage 1.0 Beta 3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »