Export limit exceeded: 45821 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45821 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5918 | 1 Tigris | 1 Websvn | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2008-5917 | 2 Horde, Microsoft | 2 Application Framework, Internet Explorer | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes. | ||||
| CVE-2008-5879 | 1 Phpclanwebsite | 1 Phpclanwebsite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter and other unspecified vectors. | ||||
| CVE-2008-5278 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5 allows remote attackers to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable). | ||||
| CVE-2008-5271 | 1 Syndeocms | 1 Syndeocms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter. | ||||
| CVE-2008-5249 | 1 Mediawiki | 1 Mediawiki | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through 1.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-5323 | 1 Easy-script | 1 Wysi Wiki Wyg | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter. | ||||
| CVE-2008-5211 | 1 Sphider | 1 Sphider | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Sphider 1.3.4, when the search suggestion feature is enabled, allows remote attackers to inject arbitrary web script or HTML via the query parameter, a different vector than CVE-2006-2506. | ||||
| CVE-2008-5202 | 1 Otmanager | 1 Otmanager Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote attackers to inject arbitrary web script or HTML via the conteudo parameter. | ||||
| CVE-2008-5193 | 1 Philboard | 1 Philboard | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: this might overlap CVE-2007-4024. | ||||
| CVE-2008-5119 | 1 Scripts4profit | 1 Dxshopcart | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Scripts4Profit DXShopCart 4.30mc allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | ||||
| CVE-2008-5114 | 1 Sun | 1 Java System Identity Manager | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-4456 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67. | ||||
| CVE-2008-4450 | 1 Apache Friends | 1 Xampp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for Windows 1.6.8 allows remote attackers to inject arbitrary web script or HTML via the (1) dbserver, (2) host, (3) user, (4) password, (5) database, and (6) table parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4447 | 1 Positive Software | 1 H-sphere | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via (1) the fn parameter during a dload action, (2) the mask parameter during a search action, and (3) the tab parameter during a sysinfo action. | ||||
| CVE-2008-4446 | 1 Nucleus Cms | 1 Nucleus | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Nucleus EUC-JP 3.31 SP1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-4438 | 1 Datafeed Studio | 1 Datafeed Studio | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Datafeed Studio 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4435 | 2 Rmsoft, Xoops | 2 Downloads Plus Module, Xoops | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the RMSOFT Downloads Plus (rmdp) module 1.5 and 1.7 for Xoops allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to search.php and the (2) id parameter to down.php. | ||||
| CVE-2008-4432 | 2 Rmsoft, Xoops | 2 Minishop Module, Xoops | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops allows remote attackers to inject arbitrary web script or HTML via the itemsxpag parameter. | ||||
| CVE-2008-4411 | 1 Hp | 1 System Management Homepage | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 2.1.15.210 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2008-1663. | ||||