Export limit exceeded: 45732 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45732 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1524 | 1 Mortbay | 1 Jetty | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17 allows remote attackers to inject arbitrary web script or HTML via a directory listing request containing a ; (semicolon) character. | ||||
| CVE-2009-1501 | 2 Drupal, Exif | 2 Drupal, Exif | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Exif module 5.x-1.x before 5.x-1.2 and 6.x-1.x-dev before April 13, 2009, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via EXIF tags in an image. | ||||
| CVE-2009-1484 | 1 Gecad | 1 Axigen Mail Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the web mail interface feature in AXIGEN Mail Server 6.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving e-mail messages. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1482 | 2 Moinmo, Moinmoin | 2 Moinmoin, Moinmoin | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to package file errors in the upload_form function, different vectors than CVE-2009-0260. | ||||
| CVE-2009-1461 | 1 Razorcms | 1 Razorcms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Create New Page form in razorCMS 0.3 RC2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Page Title field. | ||||
| CVE-2009-1454 | 1 Andrew Simpson | 1 Webcollab | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in tasks.php in WebCollab before 2.50 (aka Billy Goat) allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action. | ||||
| CVE-2009-1448 | 1 Lovpop | 1 Apricot | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in apricot.php in LovPop.net APRICOT, probably 1.20, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | ||||
| CVE-2009-1451 | 1 Bluevirus-design | 1 Sma-db | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2009-1418 | 1 Hp | 1 System Management Homepage | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1408 | 1 Webspell | 1 Webspell | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote attackers to inject arbitrary web script or HTML allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated using (1) email, (2) img, and (3) url tags. | ||||
| CVE-2009-1344 | 1 Drupal | 2 Drupal, Localization Client | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Localization client module 5.x before 5.x-1.2 and 6.x before 6.x-1.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the translation functionality. | ||||
| CVE-2009-1343 | 1 Drupal | 2 Drupal, Print | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.5 and 6.x before 6.x-1.5, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via content titles. | ||||
| CVE-2009-1334 | 1 Ibm | 1 Tivoli Continuous Data Protection For Files | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in login/FilepathLogin.html in IBM Tivoli Continuous Data Protection (CDP) for Files 3.1.4.0 allows remote attackers to inject arbitrary web script or HTML via the reason parameter. | ||||
| CVE-2009-1333 | 1 Hp | 1 Deskjet 6840 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in refresh_rate.htm in the web interface on the HP Deskjet 6840 printer with firmware XF1M131A allows remote attackers to inject arbitrary web script or HTML via the POST request body. | ||||
| CVE-2009-1310 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element. | ||||
| CVE-2009-1308 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing. | ||||
| CVE-2009-1294 | 2 Liferay, Novell | 2 Liferay Enterprise Portal, Teaming | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 (1.0.3) allow remote attackers to inject arbitrary web script or HTML via the (1) p_p_state or (2) p_p_mode parameters. | ||||
| CVE-2009-1288 | 1 Ibm | 2 Advanced Management Module, Bladecenter | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to inject arbitrary web script or HTML via (1) the username in a login action or (2) the PATH parameter to private/file_management.ssi in the File manager. | ||||
| CVE-2009-1287 | 1 Cisco | 1 Subscriber Edge Services Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Subscriber Edge Services Manager (SESM) allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1281 | 1 Glfusion | 1 Glfusion | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in glFusion before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||