Export limit exceeded: 45714 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45714 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4372 | 1 Availscript | 1 Availscript Article Script | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in articles.php in AvailScript Article Script allows remote attackers to inject arbitrary web script or HTML via the aIDS parameter. | ||||
| CVE-2008-4393 | 1 Verisign | 1 Kontiki Delivery Management System | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery Management System (DMS) 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the action parameter to zodiac/servlet/zodiac. | ||||
| CVE-2008-4408 | 1 Mediawiki | 1 Mediawiki | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, and possibly other versions before 1.13.2 allows remote attackers to inject arbitrary web script or HTML via the useskin parameter to an unspecified component. | ||||
| CVE-2008-4411 | 1 Hp | 1 System Management Homepage | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. | ||||
| CVE-2008-4432 | 2 Rmsoft, Xoops | 2 Minishop Module, Xoops | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote attackers to inject arbitrary web script or HTML via the itemsxpag parameter. | ||||
| CVE-2008-4435 | 2 Rmsoft, Xoops | 2 Downloads Plus Module, Xoops | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT Downloads Plus (rmdp) module 1.5 and 1.7 for Xoops allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to search.php and the (2) id parameter to down.php. | ||||
| CVE-2008-4438 | 1 Datafeed Studio | 1 Datafeed Studio | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Datafeed Studio 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4446 | 1 Nucleus Cms | 1 Nucleus | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Nucleus EUC-JP 3.31 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-4447 | 1 Positive Software | 1 H-sphere | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via (1) the fn parameter during a dload action, (2) the mask parameter during a search action, and (3) the tab parameter during a sysinfo action. | ||||
| CVE-2008-4450 | 1 Apache Friends | 1 Xampp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for Windows 1.6.8 allows remote attackers to inject arbitrary web script or HTML via the (1) dbserver, (2) host, (3) user, (4) password, (5) database, and (6) table parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4456 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67. | ||||
| CVE-2008-4481 | 1 Redmine | 1 Redmine | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Redmine 0.7.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-4485 | 1 Bluecoat | 1 Security Gateway Os | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2008-4513 | 1 Phorum | 1 Phorum | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in BBcode API module in Phorum 5.2.8 allows remote attackers to inject arbitrary web script or HTML via nested BBcode image tags. | ||||
| CVE-2008-4520 | 1 Autonessus | 1 Autonessus | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in bulk_update.pl in AutoNessus before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the remark parameter. | ||||
| CVE-2008-4530 | 1 Drupal | 1 Brilliant Gallery | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote authenticated users with permissions to inject arbitrary web script or HTML via unspecified vectors related to posting of answers. | ||||
| CVE-2008-4532 | 1 Maxiscript | 1 Website Directory | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in MaxiScript Website Directory allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action. | ||||
| CVE-2008-4533 | 1 Katan | 1 Web Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Kantan WEB Server 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-4536 | 1 Ec-cube | 1 Ec-cube | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in EC-CUBE Ver1 1.4.6 and earlier, Ver1 Beta 1.5.0-beta and earlier, Ver2 2.1.2a and earlier, Ver2 Beta(RC) 2.2.0-beta and earlier, Community Edition 1.3.4 and earlier, and Community Edition Nightly-Build r17319 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4535 and CVE-2008-4537. | ||||
| CVE-2008-4542 | 1 Cisco | 1 Unity | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store). | ||||