Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web frontend vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29929
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce allows Stored XSS.This issue affects WCFM – Frontend Manager for WooCommerce: from n/a up to and including...
6.1
CVSSv3
CVE-2021-31740
SEPPMail's web frontend, user input is not embedded correctly in the web page and therefore leads to cross-site scripting vulnerabilities (XSS).
Seppmail Seppmail -
NA
CVE-2008-0877
Multiple cross-site scripting (XSS) vulnerabilities in Jinzora Media Jukebox 2.7.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) frontend, (2) set_frontend, (3) jz_path, (4) theme, and (5) set_theme parameters to (a) index.php; the frontend, them...
Jinzora Media Jukebox 2.7.5
4 EDB exploits
7.5
CVSSv3
CVE-2022-24790
Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request sta...
Puma Puma
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2004-0787
Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and previous versions, and 0.9.2 RC6 and previous versions, allows remote malicious users to inject arbitrary web script or HTML via the form input fields.
Openca Openca 0.9.0.1
Openca Openca 0.9.0.2
Openca Openca 0.9.1.7
Openca Openca 0.9.1.8
Openca Openca 0.8.6
Openca Openca 0.9.0
Openca Openca 0.9.1.5
Openca Openca 0.9.1.6
Openca Openca 0.9.1
Openca Openca 0.9.1.2
Openca Openca 0.9.2 Rc6
Openca Openca 0.8.0
Openca Openca 0.8.1
Openca Openca 0.9.1.3
Openca Openca 0.9.1.4
NA
CVE-2014-100034
Cross-site scripting (XSS) vulnerability in the frontend interface in LicensePal ArcticDesk prior to 1.2.5 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Licensepal Arcticdesk
NA
CVE-2007-4022
Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/changepro.html in cPanel 10.9.1 allows remote malicious users to inject arbitrary web script or HTML via the resname parameter.
Cpanel Cpanel 10.9.1
1 EDB exploit
NA
CVE-2009-4823
Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 up to and including 11.24.7 allows remote malicious users to inject arbitrary web script or HTML via the fileop parameter.
Cpanel Cpanel 11.0
Cpanel Cpanel 11.19.3
Cpanel Cpanel 11.21
Cpanel Cpanel 11.24
Cpanel Cpanel 11.24.7
Cpanel Cpanel 11.18.1
Cpanel Cpanel 11.18.2
Cpanel Cpanel 11.22.1
Cpanel Cpanel 11.22.2
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.18.4
Cpanel Cpanel 11.22.3
Cpanel Cpanel 11.4.19
Cpanel Cpanel 11.16
Cpanel Cpanel 11.18
Cpanel Cpanel 11.22
1 EDB exploit
NA
CVE-2008-1499
Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote malicious users to inject arbitrary web script or HTML via the query string.
Cpanel Cpanel 11.18.3
Cpanel Cpanel 11.21
1 EDB exploit
5.4
CVSSv3
CVE-2018-20370
SZ NetChat prior to 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend.
The-sz Netchat
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »