Export limit exceeded: 45731 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45731 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2006-7233 1 Ignite Realtime 1 Openfire 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.6.0, and possibly other versions before 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVE-2006-7238 1 Mark Girling 1 Myshoutpro 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in MyShoutPro before 1.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4518 2 Drupal, Mark Burton 2 Drupal, Insertnode 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x before 5.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via an inserted node.
CVE-2009-4516 2 Drupal, Nanwich 2 Drupal, Faq Ask 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6278 1 Rakhisoftware 1 Rakhisoftware Shopping Cart 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in product.php in RakhiSoftware Price Comparison Script (aka Shopping Cart) allow remote attackers to inject arbitrary web script or HTML via the (1) category_id and (2) subcategory_id parameters.
CVE-2008-6267 1 Sadi Samami 1 Multi Languages Webshop Online 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in detail.php in Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2009-4514 2 Astha Bhatnagar, Drupal 2 Shindigintegrator, Drupal 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the OpenSocial Shindig-Integrator module 5.x and 6.x before 6.x-2.1, a module for Drupal, allows remote authenticated users, with "create application" privileges, to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6259 1 Quadcomm 1 Q-shop 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter.
CVE-2008-5979 1 Ocean12 Technologies 1 Mailing List Manager 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter.
CVE-2008-5976 1 Preprojects 1 Php Jobwebsite Pro 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO allow remote attackers to inject arbitrary web script or HTML via (1) the adname parameter in a Submit action or (2) the UserName field.
CVE-2009-4513 2 Drupal, John Vandyk 2 Drupal, Workflow 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Workflow module 5.x before 5.x-2.4 and 6.x before 6.x-1.2, a module for Drupal, allow remote authenticated users, with "administer workflow" privileges, to inject arbitrary web script or HTML via the name of a (1) workflow or (2) workflow state.
CVE-2008-5971 1 I-netsolution 1 Orkut Clone 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to inject arbitrary web script or HTML via the id parameter.
CVE-2009-4539 1 Sqlitemanager 1 Sqlitemanager 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter.
CVE-2008-5944 1 Navboard 1 Navboard 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 (2.6.0) allows remote attackers to inject arbitrary web script or HTML via the module parameter.
CVE-2008-5942 1 Modxcms 1 Modxcms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the preserveUrls function and (2) "username input." NOTE: vector 2 may be related to CVE-2008-5939.
CVE-2009-4497 1 Malcom Box 1 Lxr Cross Referencer 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program.
CVE-2009-4478 1 Xstate 1 Real Estate 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html.
CVE-2008-5918 1 Tigris 1 Websvn 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2008-5917 2 Horde, Microsoft 2 Application Framework, Internet Explorer 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes.
CVE-2009-3629 1 Typo3 1 Typo3 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.