Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rss feed reader vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2007-5410
PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RSS Reader (com_wmtrssreader) 1.0 component for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.
Joomla Joomla
Webmaster-tips Flash Rss Reader 1.0
1 EDB exploit
605
VMScore
CVE-2007-2060
Cross-zone scripting vulnerability in the Wizz RSS Reader prior to 2.1.9 extension to Mozilla Firefox allows remote malicious users to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.
Wizz Computers Wizz Rss Reader
435
VMScore
CVE-2011-0740
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the rss_url parameter.
Pleer Rss Feed Reader 0.1
1 EDB exploit
440
VMScore
CVE-2009-1467
Multiple cross-site scripting (XSS) vulnerabilities in IceWarp eMail Server and WebMail Server prior to 9.4.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the body of a message, related to the email view and incorrect HTML filtering in the cleanHTML...
Icewarp Webmail Server 2.10.115
Icewarp Webmail Server 2.10.150
Icewarp Webmail Server 2.10.240
Icewarp Webmail Server 2.10.250
Icewarp Webmail Server 2.10.340
Icewarp Webmail Server 2.10.350
Icewarp Webmail Server 3.10.110
Icewarp Webmail Server 4.00.30
Icewarp Webmail Server 4.4.2
Icewarp Webmail Server 5.1.2
Icewarp Webmail Server 5.5.3
Icewarp Webmail Server 5.5.4
Icewarp Webmail Server 5.8.4
Icewarp Webmail Server 5.8.5
Icewarp Webmail Server 6.1.0
Icewarp Webmail Server 6.2.1
Icewarp Webmail Server 7.4.5
Icewarp Webmail Server 7.5.2
Icewarp Webmail Server 8.2.2
Icewarp Webmail Server 8.3.5
Icewarp Webmail Server 2.10.110
Icewarp Webmail Server 9.2.0
2 EDB exploits
668
VMScore
CVE-2009-3114
The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote malicious users to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K.
Ibm Lotus Notes 8.5
383
VMScore
CVE-2008-6570
Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 up to and including 2.1.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted RSS feed.
Cybozu Garoon 2.0.3
Cybozu Garoon 2.0.4
Cybozu Garoon 2.0.0
Cybozu Garoon 2.1.3
Cybozu Garoon 2.1.0
Cybozu Garoon 2.0.1
Cybozu Garoon 2.0.2
Cybozu Garoon 2.1.1
Cybozu Garoon 2.1.2
Cybozu Garoon 2.0.5
Cybozu Garoon 2.0.6
383
VMScore
CVE-2011-3999
Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote malicious users to inject arbitrary web script or HTML via a crafted feed.
Ibc.co.jp Iwate Portal Bar -
383
VMScore
CVE-2006-4762
Multiple cross-site scripting (XSS) vulnerabilities in Ykoon RssReader allow remote malicious users to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite.
Rssreader Rssreader
383
VMScore
CVE-2006-4761
Multiple cross-site scripting (XSS) vulnerabilities in Luke Hutteman SharpReader allow remote malicious users to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite.
Luke Hutteman Sharpreader
383
VMScore
CVE-2012-6453
Cross-site scripting (XSS) vulnerability in the RSS Reader extension prior to 0.2.6 for MediaWiki allows remote malicious users to inject arbitrary web script or HTML via a crafted feed.
Mediawiki Rssreader 0.2.4
Mediawiki Rssreader 0.2.2
Mediawiki Rssreader 0.2.1
Mediawiki Rssreader 0.2
Mediawiki Rssreader
Mediawiki Rssreader 0.2.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »