Export limit exceeded: 45781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45781 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2445 | 1 Wgcc | 1 Web Group Communication Center | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in profile.php in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a show action. | ||||
| CVE-2008-2449 | 1 Ikemcg | 1 Phpinstantgallery | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Isaac McGowan phpInstantGallery 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gallery parameter to (a) index.php and (b) image.php, and the (2) imgnum parameter to image.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2450 | 1 Inmedias | 1 Statistics | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-2452 | 1 Inmedias | 1 Questionaire | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Questionaire (aka pbsurvey) extension 1.2.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-2458 | 1 4shared | 1 Starsgames Control Panel | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the st parameter. | ||||
| CVE-2008-2462 | 1 Caucho | 1 Resin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin before 3.0.25, and 3.1.x before 3.1.4, allows remote attackers to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2008-2485 | 1 Pcpin | 1 Pcpin Chat | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the URL redirection script (inc/url_redirection.inc.php) in PCPIN Chat before 6.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-2490 | 1 Typo3 | 1 Kj Imagelightbox2 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (aka kj_imagelightbox2) extension 1.4.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified "user input." | ||||
| CVE-2008-2494 | 1 Pancake | 1 Zina | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via the l parameter. | ||||
| CVE-2008-2505 | 1 Simpel Side | 1 Weblosninger | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in result.php in Simpel Side Weblosning 1 through 4 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2008-2507 | 1 Brown Bear Software | 1 Calcium | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Calcium40.pl in Brown Bear Software Calcium 3.10 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the CalendarName parameter in a ShowIt action. | ||||
| CVE-2008-2508 | 1 Tr Script News | 1 Tr Script News | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in news.php in Tr Script News 2.1 allows remote attackers to inject arbitrary web script or HTML via the "nb" parameter in voir mode. | ||||
| CVE-2008-2525 | 1 Typo3 | 1 Rlmp Eventdb | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-2527 | 1 Actualscripts | 4 Actualanalyzer Gold, Actualanalyzer Lite, Actualanalyzer Pro and 1 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter. | ||||
| CVE-2008-2533 | 1 Fkrauthan | 1 Phoenix View Cms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ltarget parameter to (a) admin/admin_frame.php and the (2) conf parameter to (b) gbuch.admin.php, (c) links.admin.php, (d) menue.admin.php, (e) news.admin.php, and (f) todo.admin.php in admin/module/. | ||||
| CVE-2008-2553 | 1 Slashcode.com | 1 Slash | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) R_2_5_0_94 and earlier allows remote attackers to inject arbitrary web script or HTML via the userfield parameter. | ||||
| CVE-2008-2557 | 1 Cre Loaded | 1 Cre Loaded | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in CRE Loaded 6.2.13.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) Links and (2) Links Submit pages. | ||||
| CVE-2008-2561 | 1 Fourtwosevenbb | 1 427bb | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in 427BB 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to (a) register.php, (b) reminder.php, and (c) search.php; the (2) uname, (3) email, and (4) email2 parameters to register.php; the (5) email parameter to reminder.php; and the (6) keywords parameter to search.php. | ||||
| CVE-2008-2563 | 1 Samtodo | 1 Samtodo | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) dsp_main.php and (2) dsp_task_editor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the (a) tid parameter in a main.taskeditor edit action, and the (b) completed parameter in a main.default action, to index.php. | ||||
| CVE-2008-2566 | 1 Php-address Book | 1 Php-address Book | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the group parameter to (1) index.php or (2) the default URI. | ||||