Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3568
Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, or (3) nickname parameters.
Fantastic Guestbook Project Fantastic Guestbook 2.0.1
1 EDB exploit
NA
CVE-2005-2276
Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote malicious users to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag.
Novell Groupwise Webaccess 6.5
Novell Groupwise Webaccess 6.0
1 EDB exploit
NA
CVE-2009-3718
SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to execute arbitrary SQL commands via the UserName parameter.
Davethewebguy Battle Blog 1.30
Davethewebguy Battle Blog 1.25
1 EDB exploit
NA
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
NA
CVE-2002-1453
Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote malicious users to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error message.
Mywebserver Mywebserver 1.0.2
1 EDB exploit
NA
CVE-2007-2718
Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and previous versions, when using Microsoft Internet Explorer, allows remote malicious users to inject arbitrary web script or HTML via crafted STYLE tags.
Microsoft Internet Explorer
Stalker Communigate Pro
1 EDB exploit
NA
CVE-2007-3991
Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp cvmatik 1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) Adiniz (Ady), (2) Soyadiniz (Soyady), (3) Ehliyet, (4) Askerlik, and (5) GSM parameters; and poss...
Asp Indir Cvmatik
1 EDB exploit
NA
CVE-2005-4460
Cross-site scripting (XSS) vulnerability in Beehive Forum 0.6.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) Name, (2) Description, and (3) Comment fields to (a) links.php and (b) links_add.php.
Beehive Forum Beehive Forum 0.2
Beehive Forum Beehive Forum 0.3
Beehive Forum Beehive Forum 0.3.1
Beehive Forum Beehive Forum 0.4
Beehive Forum Beehive Forum 0.1
Beehive Forum Beehive Forum 0.1.1
Beehive Forum Beehive Forum 0.6rc1
Beehive Forum Beehive Forum 0.6rc2
Beehive Forum Beehive Forum 0.5
Beehive Forum Beehive Forum 0.6.2
1 EDB exploit
NA
CVE-2004-2475
Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote malicious users to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross pr...
Google Toolbar 1.1.42
Google Toolbar 1.1.43
Google Toolbar 1.1.54
Google Toolbar 1.1.55
Google Toolbar 2.0.114.1
Google Toolbar 1.1.47
Google Toolbar 1.1.48
Google Toolbar 1.1.58
Google Toolbar 1.1.59
Google Toolbar 1.1.44
Google Toolbar 1.1.45
Google Toolbar 1.1.56
Google Toolbar 1.1.57
Google Toolbar 1.1.41
Google Toolbar 1.1.49
Google Toolbar 1.1.53
Google Toolbar 1.1.60
1 EDB exploit
NA
CVE-2012-5315
Multiple cross-site scripting (XSS) vulnerabilities in php ireport 1.0 allow remote malicious users to inject arbitrary web script or HTML via the message parameter to (1) messages_viewer.php, (2) home.php, or (3) history.php.
Php Ireport Project Php Ireport 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »