header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

TP-LINK TL-WR740N – Multiple HTML Injection Vulnerabilities

The TP-LINK TL-WR740N router with version 3.12.11 Build 110915 Rel.40896n is vulnerable to multiple HTML injection issues. An attacker can inject malicious HTML code into the Target Description box under Access control settings, leading to potential cross-site scripting (XSS) attacks.

GoAhead Web Server 2.5 – ‘goform/formTest’ Multiple HTML Injection Vulnerabilities

The GoAhead Web Server version 2.5 is vulnerable to multiple HTML injection flaws as it lacks proper input validation. Exploiting this vulnerability allows an attacker to execute malicious HTML code within the context of the affected site.

TP-LINK TL-WR740N – Multiple HTML Injection Vulnerabilities

The TP-LINK TL-WR740N router version 3.12.11 Build 110915 Rel.40896n is vulnerable to multiple HTML injection issues. By inserting HTML code like <h1>Hello<h1> into the Target Description box under Access control settings, an attacker can inject arbitrary HTML code into the webpage.

GoAhead Web Server 2.5 – ‘goform/formTest’ Multiple HTML Injection Vulnerabilities

Multiple HTML injection vulnerabilities are found in GoAhead Web Server version 2.5 due to insufficient input validation. Exploiting this vulnerability allows an attacker to inject and execute HTML code within the context of the affected site.

Elite Forum HTML Injection Vulnerability

The Elite Forum application fails to properly sanitize user-supplied input before using it in dynamically generated content. This allows an attacker to inject HTML and script code into the affected website, potentially leading to the theft of authentication credentials and control over the site's rendering.

HTML Injection Vulnerability in Search Enhanced module

The Search Enhanced module for is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.

Contrexx Multiple Input Validation Vulnerabilities

The Contrexx CMS is affected by multiple input validation vulnerabilities that allow for HTML injection, SQL injection, and information disclosure attacks. An attacker can exploit these vulnerabilities by supplying a specially crafted value for the 'votingoption' parameter and submitting the form. Additionally, the vulnerabilities can be exploited through the 'section' and 'term' parameters in specific URLs. These vulnerabilities can be used to carry out attacks such as executing arbitrary JavaScript code (XSS) and retrieving sensitive information from the database.

Recent Exploits: