Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-equiv vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0479
Internet Explorer 6 allows remote malicious users to cause a denial of service (crash) via Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which triggers a null dereference.
Microsoft Ie 6
1 EDB exploit
5.3
CVSSv3
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications prior to 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
Kde Kde Applications
NA
CVE-2012-2573
Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS expre...
Tdah T-day Webmail 3.2.0-2.3
2 EDB exploits
6.1
CVSSv3
CVE-2023-48003
An open redirect through HTML injection in user messages in Asp.Net Zero prior to 12.3.0 allows remote malicious users to redirect targeted victims to any URL via the '<meta http-equiv="refresh"' in the WebSocket messages.
Aspnetzero Asp.net Zero
NA
CVE-2007-2555
Unspecified vulnerability in Default.aspx in Podium CMS allows remote malicious users to have an unknown impact, possibly session fixation, via a META HTTP-EQUIV Set-cookie expression in the id parameter, related to "cookie manipulation." NOTE: this issue might be cross...
Podium Cms Podium Cms
5.4
CVSSv3
CVE-2021-42564
An open redirect through HTML injection in confidential messages in Cryptshare prior to 5.1.0 allows remote attackers (with permission to provide confidential messages via Cryptshare) to redirect targeted victims to any URL via the '<meta http-equiv="refresh"...
Cryptshare Cryptshare Server
NA
CVE-2012-2585
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ServiceDesk Plus 8.1 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a...
Manageengine Servicedesk Plus 8.1
1 EDB exploit
NA
CVE-2002-2169
Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote malicious users to conduct unauthorized activities, such as adding buddies and groups to a user's buddy list, via a URL with a META HTTP-EQUIV="refresh" t...
Aol Instant Messenger 4.7
Aol Instant Messenger 4.5
Aol Instant Messenger 4.7.2480
1 EDB exploit
NA
CVE-2014-4908
Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios up to and including 0.6.22 allow remote malicious users to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/views/kohana_error_page.php or (2) share/pnp/application/views/...
Pnp4nagios Pnp4nagios 0.6.20
Pnp4nagios Pnp4nagios 0.6.11
Pnp4nagios Pnp4nagios 0.6.13
Pnp4nagios Pnp4nagios 0.6.3
Pnp4nagios Pnp4nagios 0.6.5
Pnp4nagios Pnp4nagios 0.6.19
Pnp4nagios Pnp4nagios 0.6.0
Pnp4nagios Pnp4nagios 0.6.1
Pnp4nagios Pnp4nagios 0.6.10
Pnp4nagios Pnp4nagios 0.6.6
Pnp4nagios Pnp4nagios 0.6.7
Pnp4nagios Pnp4nagios 0.6.15
Pnp4nagios Pnp4nagios 0.6.16
Pnp4nagios Pnp4nagios 0.6.17
Pnp4nagios Pnp4nagios 0.6.18
Pnp4nagios Pnp4nagios
Pnp4nagios Pnp4nagios 0.6.12
Pnp4nagios Pnp4nagios 0.6.14
Pnp4nagios Pnp4nagios 0.6.2
Pnp4nagios Pnp4nagios 0.6.4
6.5
CVSSv3
CVE-2018-18499
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. T...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »