Export limit exceeded: 46589 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46589 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0828 | 1 Atutor | 1 Atutor | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) attributes such as style and onmouseover in (a) forum post or (b) mail; or (2) the website field of the profile. | ||||
| CVE-2008-0826 | 1 Caroline | 1 Caroline | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4557 | 2 Drupal, Unleashedmind | 2 Drupal, Img Assist | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Image Assist module 5.x-1.x before 5.x-1.8, 5.x-2.x before 2.0-alpha4, 6.x-1.x before 6.x-1.1, 6.x-2.x before 2.0-alpha4, and 6.x-3.x-dev before 2009-07-15, a module for Drupal, allows remote authenticated users, with image-node creation privileges, to inject arbitrary web script or HTML via a node title. | ||||
| CVE-2008-0783 | 1 Cacti | 1 Cacti | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_view.php; (3) the action parameter to the draw_navigation_text function in lib/functions.php, reachable through index.php (aka the login page) or data_input.php; or (4) the login_username parameter to index.php. | ||||
| CVE-2008-0781 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) message, (2) pagename, and (3) target filenames. | ||||
| CVE-2008-0780 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the login action. | ||||
| CVE-2009-4554 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums 2000 3.4.07 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter to pop_send_to_friend.asp, related to a crafted onload attribute of an IMG element; or (2) an onload attribute in a sound tag. | ||||
| CVE-2008-0769 | 1 Opentext | 1 Livelink Ecm | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input. | ||||
| CVE-2008-0765 | 1 Artmedic Webdesign | 1 Artmedic Weblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in artmedic webdesign weblog allow remote attackers to inject arbitrary web script or HTML via the (1) date parameter to artmedic_print.php and the (2) jahrneu parameter to index.php. | ||||
| CVE-2008-0751 | 2 Microsoft, S9y | 2 Internet Explorer, Serendipity Event Freetag | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/. | ||||
| CVE-2009-3701 | 1 Horde | 2 Application Framework, Groupware | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) phpshell.php, (2) cmdshell.php, or (3) sqlshell.php in admin/, related to the PHP_SELF variable. | ||||
| CVE-2008-0688 | 1 Smartscript | 1 Domain Trader | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in catalog.php in Smartscript Domain Trader 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a viewcategory action. | ||||
| CVE-2008-0684 | 1 Itechscripts | 1 Itechclassifieds | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter. | ||||
| CVE-2008-0679 | 1 Blogphp | 1 Blogphp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2008-0676 | 1 A-blog | 1 A-blog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote attackers to inject arbitrary web script or HTML via the words parameter. | ||||
| CVE-2008-0643 | 1 Adobe | 1 Coldfusion | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-0564 | 2 Mailman, Redhat | 2 Mailman, Enterprise Linux | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates and (2) the list's "info attribute" in the web administrator interface, a different vulnerability than CVE-2006-3636. | ||||
| CVE-2008-0552 | 1 Eticket | 1 Eticket | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in eTicket 1.5.6-RC4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2008-0547 | 1 Shoppingtree | 1 Candypress Store | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/utilities_ConfigHelp.asp in CandyPress (CP) 4.1.1.26, and probably earlier 4.x and 3.x versions, allows remote attackers to inject arbitrary web script or HTML via the helpfield parameter. | ||||
| CVE-2008-0541 | 1 Gerd Tentler | 1 Simple Forum | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in forum.php in Gerd Tentler Simple Forum 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) open and (2) date_show parameters. | ||||