Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2003-1278
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote malicious users to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
Infopop Opentopic 2.3.1
1 EDB exploit
4.3
CVSSv2
CVE-2007-0896
Cross-site scripting (XSS) vulnerability in the (1) Sage prior to 1.3.10, and (2) Sage++ extensions for Firefox, allows remote malicious users to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerab...
Mozilla Firefox
Sage Sage 1.3.6
Sage Sage
Sage Sage 1.0 Beta 3
1 EDB exploit
7.5
CVSSv2
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.30
Davethewebguy Battle Blog 1.25
1 EDB exploit
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
4.3
CVSSv2
CVE-2009-4767
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Plohni Shoutbox 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) input_name and (2) input_text parameters. NOTE: some of these details are obtained from third party information.
Plohni Shoutbox 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2005-1077
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote malicious users to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
Xampp Apache Distribution 0.3
Xampp Apache Distribution 1.4.1
Xampp Apache Distribution 1.4.3
Xampp Apache Distribution 1.4.4
Xampp Apache Distribution 1.4.5
Xampp Apache Distribution 1.4.11
Xampp Apache Distribution 1.4.12
Xampp Apache Distribution 1.4.8
Xampp Apache Distribution 1.4.9
Xampp Apache Distribution 0.1
Xampp Apache Distribution 0.2
Xampp Apache Distribution 1.4.13
Xampp Apache Distribution 1.4.2
Xampp Apache Distribution 1.4.10
Xampp Apache Distribution 1.4.10a
Xampp Apache Distribution 1.4.6
Xampp Apache Distribution 1.4.7
1 EDB exploit
NA
CVE-2023-48825
Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.
Phpjabbers Availability Booking Calendar 5.0
NA
CVE-2023-3184
A vulnerability was found in SourceCodester Sales Tracker Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /classes/Users.php?f=save. The manipulation of the argument firstname/middlename/lastname/username l...
Sales Tracker Management System Project Sales Tracker Management System 1.0
4.3
CVSSv2
CVE-2006-1040
Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote malicious users to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php.
Jelsoft Vbulletin 3.0.12
Jelsoft Vbulletin 3.5.3
1 EDB exploit
3.5
CVSSv2
CVE-2015-6354
Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4.1.3 and 6.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuv73338.
Cisco Firesight System Software 5.4.1.3
Cisco Firesight System Software 6.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »