Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-equiv vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-2586
Multiple cross-site scripting (XSS) vulnerabilities in Mailtraq 2.17.3.3150 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message subject with (1) a JavaScript alert function used in conjunction with the fromCharCode method or (2) a SCRIPT elem...
Mailtraq Mailtraq 2.17.3.3150
1 EDB exploit
NA
CVE-2007-3150
Google Desktop allows user-assisted remote malicious users to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, w...
Google Desktop
NA
CVE-2012-2590
Multiple cross-site scripting (XSS) vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted SRC attribute of an IFRAME element, (3) a cr...
E-supportportal Escon Supportportal 3.0
1 EDB exploit
NA
CVE-2012-2571
Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Server 3.8.1.6 allow remote malicious users to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) a crafted Cascading Style Sheets (CSS) expression property, (3) a CSS exp...
Winwebmail Winwebmail Server 3.8.1.6
1 EDB exploit
6.1
CVSSv3
CVE-2024-0781
A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_client_signup.php. The manipulation of the argument Client Full Name with the input <meta http-equiv="refresh" con...
Martmbithi Internet Banking System 1.0
NA
CVE-2012-2582
Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) Help Desk 2.4.x prior to 2.4.13, 3.0.x prior to 3.0.15, and 3.1.x prior to 3.1.9, and OTRS ITSM 2.1.x prior to 2.1.5, 3.0.x prior to 3.0.6, and 3.1.x prior to 3.1.6, allow remote malicious us...
Otrs Otrs 2.4.0
Otrs Otrs 2.4.9
Otrs Otrs 2.4.4
Otrs Otrs 2.4.3
Otrs Otrs 2.4.2
Otrs Otrs 2.4.10
Otrs Otrs 2.4.6
Otrs Otrs 2.4.5
Otrs Otrs 2.4.11
Otrs Otrs 2.4.1
Otrs Otrs 2.4.8
Otrs Otrs 2.4.7
Otrs Otrs 2.4.12
Otrs Otrs 3.0.0
Otrs Otrs 3.0.3
Otrs Otrs 3.0.2
Otrs Otrs 3.0.11
Otrs Otrs 3.0.12
Otrs Otrs 3.0.4
Otrs Otrs 3.0.7
Otrs Otrs 3.0.6
Otrs Otrs 3.0.10
1 EDB exploit
NA
CVE-2010-3775
Mozilla Firefox prior to 3.5.16 and 3.6.x prior to 3.6.13, and SeaMonkey prior to 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote malicious users to start processes, read arbitrary local files, and estab...
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.11
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1
8.1
CVSSv3
CVE-2022-3033
If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunder...
Mozilla Thunderbird
8.8
CVSSv3
CVE-2021-30117
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agen...
Kaseya Vsa
NA
CVE-2003-0121
Clearswift MAILsweeper 4.x allows remote malicious users to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
Clearswift Mailsweeper 4.0
Clearswift Mailsweeper 4.1
Clearswift Mailsweeper 4.2
Clearswift Mailsweeper 4.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »