Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2015-7242
Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS prior to 6.30 allows remote malicious users to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message.
Avm Fritz\\! Os
NA
CVE-2007-3838
Cross-site scripting (XSS) vulnerability in takeprofedit.php in TBDev.NET DR 11-10-05-BETA-SF1:111005 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the SRC attribute of a SCRIPT element in the avatar parameter. NOTE: this may be re...
Tbdev.net Dr 010306
Tbdev.net Dr 11-10-05-beta-sf1 1
Tbdev.net Dr 16-12-05-beta-1 161
1 EDB exploit
NA
CVE-2007-2908
Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin prior to 3.6.6 allows remote malicious users to inject arbitrary web script or HTML via the title field in a single add action.
Jelsoft Vbulletin
1 EDB exploit
NA
CVE-2010-4963
SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote malicious users to execute arbitrary SQL commands via the order_by parameter.
Hulihanapplications Hulihan Bxr 0.6.8
1 EDB exploit
NA
CVE-2009-4939
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdPeeps 8.5d1 allow remote malicious users to inject arbitrary web script or HTML via the (1) uid parameter, (2) uid parameter in a login_lookup action, (3) uid parameter in an adminlogin action, (4) campaignid p...
Impactsoftcompany Adpeeps 8.5
2 EDB exploits
NA
CVE-2005-2276
Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote malicious users to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag.
Novell Groupwise Webaccess 6.5
Novell Groupwise Webaccess 6.0
1 EDB exploit
NA
CVE-2006-3568
Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, or (3) nickname parameters.
Fantastic Guestbook Project Fantastic Guestbook 2.0.1
1 EDB exploit
NA
CVE-2002-2339
Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote malicious users to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) image=right, (4) img=right, (5) image=left, and (6) img=left tags.
Script Shed Ssgbook 1.0
1 EDB exploit
NA
CVE-2003-0295
Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote malicious users to inject arbitrary web script and HTML via the "Preview Message" capability.
Jelsoft Vbulletin 3.0.0 Beta 2
1 EDB exploit
NA
CVE-2006-5712
Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows remote malicious users to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated using the width style for an IMG element.
Mirapoint Mirapoint Webmail
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »