Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
html injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1678
Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension for Firefox allows remote malicious users to inject arbitrary web script or HTML via RSS feeds, which are executed by the chrome: URI handler.
Fizzle Fizzle 0.5
1 EDB exploit
NA
CVE-2002-1804
Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag.
Npds Npds 4.8
1 EDB exploit
NA
CVE-2002-1805
Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote malicious users to inject arbitrary web script or HTML via Javascript in an IMG tag.
Dacode Dacode 1.2.0
1 EDB exploit
NA
CVE-2006-0409
Cross-site scripting (XSS) vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote malicious users to inject arbitrary web script or HTML via the "Add Comment" field in a comment popup.
Pixelpost Photoblog 1.4.3
1 EDB exploit
NA
CVE-2006-0443
Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog 1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) realname and (2) comment parameters, or (3) via a javascript URI in the url parameter, when adding a comment.
Cheesyblog Cheesyblog 1.0
1 EDB exploit
NA
CVE-2010-2154
Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote malicious users to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information.
Cmscout Cmscout 2.09
1 EDB exploit
NA
CVE-2007-1229
Cross-site scripting (XSS) vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote malicious users to inject arbitrary web script or HTML via the top-level URI on the Incoming interface (port 8001/tcp), which is not properly handled in the administrator interface when v...
Nullsoft Shoutcast Server 1.9.7
1 EDB exploit
NA
CVE-2005-3308
Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) name or (2) comment parameter in detail.php, (3) the username parameter in get.php, and (4) the search parameter in index.php.
Zomplog Zomplog 3.3
Zomplog Zomplog 3.4
1 EDB exploit
5.4
CVSSv3
CVE-2023-48837
Car Rental Script 3.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.
Phpjabbers Car Rental Script 3.0
5.4
CVSSv3
CVE-2023-48838
Appointment Scheduler 3.0 is vulnerable to Multiple HTML Injection issues via the SMS API Key or Default Country Code.
Phpjabbers Appointment Scheduler 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »