Html Exploits
2,074 exploits tracked across all sources.
Scada-LTS 2.7.8.1 - Cross-Site Scripting via publisher_edit.shtm Name Parameter
A weakness has been identified in Scada-LTS 2.7.8.1. This vulnerability affects unknown code of the file publisher_edit.shtm. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
by KarinaGante
CVSS 3.5
Scada-LTS 2.7.8.1 - Cross-Site Scripting via mailing_lists.shtm name/userList/address Parameter
A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailing_lists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
by KarinaGante
CVSS 3.5
Scada-LTS 2.7.8.1 - Cross-Site Scripting via Point Hierarchy Title Parameter
A vulnerability was found in Scada-LTS 2.7.8.1. Affected is an unknown function of the file pointHierarchy/new/. Performing manipulation of the argument Title results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor explains: "[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities - the overall risk change to the user due to malicious admin actions will not be lower. An admin user - by definition - has full control over HTML and JS code that is delivered to users in regular synoptic panels. In other words - due to the design of the system it is not possible to limit the admin user to attack the users."
by KarinaGante
CVSS 3.5
Scada-LTS 2.7.8.1 - Cross-Site Scripting via Scheduled Events Alias Parameter
A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduled_events.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor explains: "[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities - the overall risk change to the user due to malicious admin actions will not be lower. An admin user - by definition - has full control over HTML and JS code that is delivered to users in regular synoptic panels. In other words - due to the design of the system it is not possible to limit the admin user to attack the users."
by KarinaGante
CVSS 3.5
Mangati NovoSGA <= 2.2.9 - Cross-Site Scripting via SVG File Handler
A security flaw has been discovered in Mangati NovoSGA up to 2.2.9. The impacted element is an unknown function of the file /admin of the component SVG File Handler. Performing manipulation of the argument logoNavbar/logoLogin results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited.
by KarinaGante
CVSS 2.4
Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
by Van Lam Nguyen
ABB ASPECT/MATRIX/NEXUS Firmware < 3.08.03 - Cross-Site Request Forgery
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system settings.
Affected products:
ABB ASPECT - Enterprise v3.08.02;
NEXUS Series v3.08.02;
MATRIX Series v3.08.02
by LiquidWorm
CVSS 7.1
Microsoft 365 Apps and Office - Exposure of Sensitive Information via Spoofing
Microsoft Office Spoofing Vulnerability
by passtheticket
MOVEit SQL Injection vulnerability
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
by iitsmel
CVSS 9.8
Adobe Commerce <2.4.3-p1, <2.3.7-p2 - RCE
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.
by iitsmel
CVSS 9.8
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
by iitsmel
CVSS 9.1
Blue Admin WordPress Plugin < 21.06.01 - Stored XSS and CSRF via Logo Title
The Blue Admin WordPress plugin through 21.06.01 does not sanitise or escape its "Logo Title" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin does not have CSRF check in place when saving its settings, allowing the issue to be exploited via a CSRF attack.
by Abisheik M
CVSS 8.8
Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Scripting (XSS)
by LiquidWorm
Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery (CSRF)
by LiquidWorm
Prowise Reflect <1.0.9 - Code Injection
Prowise Reflect version 1.0.9 contains a remote keystroke injection vulnerability that allows attackers to send keyboard events through an exposed WebSocket on port 8082. Attackers can craft malicious web pages to inject keystrokes, opening applications and typing arbitrary text by sending specific WebSocket messages.
by Rik Lutz
CVSS 9.8
Arunna 1.0.0 - Cross-Site Request Forgery via Profile Settings Form
Arunna 1.0.0 contains a cross-site request forgery vulnerability that allows attackers to manipulate user profile settings without authentication. Attackers can craft a malicious form to change user details, including passwords, email, and administrative privileges by tricking authenticated users into submitting the form.
by =(L_L)=
CVSS 6.5
Hostel Management System 2.1 - XSS, CSRF
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover.
by Anubhav Singh
CVSS 8.8
Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery (CSRF)
by Murat DEMİRCİ
Backdrop CMS 1.20 - Cross-Site Request Forgery to Remote Code Execution via Malicious Add-on Upload
A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. NOTE: the vendor disputes this because the attack requires a session cookie of a high-privileged authenticated user who is entitled to install arbitrary add-ons
by V1n1v131r4
CVSS 8.8
fitness_calculators < 1.9.6 - Cross-Site Request Forgery and Stored Cross-Site Scripting
The fitness calculators WordPress plugin before 1.9.6 add calculators for Water intake, BMI calculator, protein Intake, and Body Fat and was lacking CSRF check, allowing attackers to make logged in users perform unwanted actions, such as change the calculator headers. Due to the lack of sanitisation, this could also lead to a Stored Cross-Site Scripting issue
by 0xB9
CVSS 4.3
Simple CRM 3.0 - 'Change user information' Cross-Site Request Forgery (CSRF)
by Riadh Benlamine
Database Backups WordPress Plugin <= 1.2.2.6 - Cross-Site Request Forgery
The Database Backups WordPress plugin through 1.2.2.6 does not have CSRF checks, allowing attackers to make a logged in user unwanted actions, such as generate backups of the database, change the plugin's settings and delete backups.
by 0xB9
CVSS 8.1
OpenCart 3.0.3.7 Cross-Site Request Forgery via account/password
OpenCart 3.0.3.7 contains a cross-site request forgery vulnerability that allows attackers to change user passwords by sending crafted requests to the account/password endpoint. Attackers can trick authenticated users into submitting hidden forms with new password values in the 'password' and 'confirm' parameters to hijack accounts.
by Mert Daş
CVSS 4.3
Intelbras RF 301K Firmware 1.1.2 - Cross-Site Request Forgery
Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules.
by Rodolfo Mariano
CVSS 8.8
Ubee EVW327 - Cross-Site Request Forgery to Enable Remote Access
Ubee EVW327 contains a cross-site request forgery vulnerability that allows attackers to enable remote access without user interaction. Attackers can craft a malicious webpage that automatically submits a form to change router remote access settings to port 8080 without the user's consent.
by lated
CVSS 5.3
By Source