Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3838
Cross-site scripting (XSS) vulnerability in takeprofedit.php in TBDev.NET DR 11-10-05-BETA-SF1:111005 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the SRC attribute of a SCRIPT element in the avatar parameter. NOTE: this may be re...
Tbdev.net Dr 010306
Tbdev.net Dr 11-10-05-beta-sf1 1
Tbdev.net Dr 16-12-05-beta-1 161
1 EDB exploit
NA
CVE-2006-6421
Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.
Phpbb Group Phpbb 2.0.1
Phpbb Group Phpbb 2.0.10
Phpbb Group Phpbb 2.0.17
Phpbb Group Phpbb 2.0.18
Phpbb Group Phpbb 2.0.5
Phpbb Group Phpbb 2.0.6
Phpbb Group Phpbb 2.0.6c
Phpbb Group Phpbb 2.0 Beta1
Phpbb Group Phpbb 2.0 Rc1
Phpbb Group Phpbb 2.0
Phpbb Group Phpbb 2.0.0
Phpbb Group Phpbb 2.0.15
Phpbb Group Phpbb 2.0.16
Phpbb Group Phpbb 2.0.3
Phpbb Group Phpbb 2.0.4
Phpbb Group Phpbb 2.0.8a
Phpbb Group Phpbb 2.0.9
Phpbb Group Phpbb 2.0.13
Phpbb Group Phpbb 2.0.14
Phpbb Group Phpbb 2.0.20
Phpbb Group Phpbb 2.0.21
Phpbb Group Phpbb 2.0.7a
1 EDB exploit
NA
CVE-2015-3935
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.5 and 3.6 allow remote malicious users to inject arbitrary web script or HTML via the Business Search (search_nom) field to (1) htdocs/societe/societe.php or (2) htdocs/societe/admin/societe.php.
Dolibarr Dolibarr 3.6.0
Dolibarr Dolibarr 3.5.0
NA
CVE-2007-1905
Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via encoded special characters in the forward_to parameter, as demonstrated using "&l...
Pineapple Technologies Quizshock
1 EDB exploit
NA
CVE-2007-2011
Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Deskpro Deskpro 2.0.1
1 EDB exploit
NA
CVE-2007-2908
Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin prior to 3.6.6 allows remote malicious users to inject arbitrary web script or HTML via the title field in a single add action.
Jelsoft Vbulletin
1 EDB exploit
8.8
CVSSv3
CVE-2023-0493
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver before 1.7.5.
Btcpayserver Btcpay Server
6.1
CVSSv3
CVE-2015-7242
Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS prior to 6.30 allows remote malicious users to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.
Avm Fritz\\! Os
NA
CVE-2012-4873
Cross-site scripting (XSS) vulnerability in the file_download function in GNUBoard prior to 4.34.21 allows remote malicious users to inject arbitrary web script or HTML via the filename parameter.
Sir Gnuboard
1 EDB exploit
5.4
CVSSv3
CVE-2013-0161
Havalite CMS 1.1.7 has a stored XSS vulnerability
Havalite Havalite 1.1.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »