Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
http-equiv vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20405
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote malicious user to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific...
1 Github repository
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
NA
CVE-2024-0781
A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_client_signup.php. The manipulation of the argument Client Full Name with the input <meta http-equiv="refresh" con...
Martmbithi Internet Banking System 1.0
NA
CVE-2023-48003
An open redirect through HTML injection in user messages in Asp.Net Zero prior to 12.3.0 allows remote malicious users to redirect targeted victims to any URL via the '<meta http-equiv="refresh"' in the WebSocket messages.
Aspnetzero Asp.net Zero
NA
CVE-2022-3033
If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunder...
Mozilla Thunderbird
436
VMScore
CVE-2021-42564
An open redirect through HTML injection in confidential messages in Cryptshare prior to 5.1.0 allows remote attackers (with permission to provide confidential messages via Cryptshare) to redirect targeted victims to any URL via the '<meta http-equiv="refresh"...
Cryptshare Cryptshare Server
578
VMScore
CVE-2021-30117
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agen...
Kaseya Vsa
445
VMScore
CVE-2018-19516
messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications prior to 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value.
Kde Kde Applications
383
VMScore
CVE-2018-18499
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. T...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
383
VMScore
CVE-2014-4908
Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios up to and including 0.6.22 allow remote malicious users to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/views/kohana_error_page.php or (2) share/pnp/application/views/...
Pnp4nagios Pnp4nagios 0.6.20
Pnp4nagios Pnp4nagios 0.6.11
Pnp4nagios Pnp4nagios 0.6.13
Pnp4nagios Pnp4nagios 0.6.3
Pnp4nagios Pnp4nagios 0.6.5
Pnp4nagios Pnp4nagios 0.6.19
Pnp4nagios Pnp4nagios 0.6.0
Pnp4nagios Pnp4nagios 0.6.1
Pnp4nagios Pnp4nagios 0.6.10
Pnp4nagios Pnp4nagios 0.6.6
Pnp4nagios Pnp4nagios 0.6.7
Pnp4nagios Pnp4nagios 0.6.15
Pnp4nagios Pnp4nagios 0.6.16
Pnp4nagios Pnp4nagios 0.6.17
Pnp4nagios Pnp4nagios 0.6.18
Pnp4nagios Pnp4nagios
Pnp4nagios Pnp4nagios 0.6.12
Pnp4nagios Pnp4nagios 0.6.14
Pnp4nagios Pnp4nagios 0.6.2
Pnp4nagios Pnp4nagios 0.6.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »