Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45668 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2008-0092 1 Phpwebsite 1 Phpwebsite 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2009-3742 1 Liferay 1 Liferay Portal 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Liferay Portal before 5.3.0 allows remote attackers to inject arbitrary web script or HTML via the p_p_id parameter.
CVE-2008-0125 1 Phpstats 1 Phpstats 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter.
CVE-2008-0134 1 Snitz Communications 1 Snitz Forums 2000 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or HTML via the MAIL parameter.
CVE-2009-3105 1 Ibm 1 Domino Web Access 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC.
CVE-2008-0155 1 Evilboard 1 Evilboard 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to inject arbitrary web script or HTML via the c parameter.
CVE-2008-0181 1 Liferay 1 Liferay Enterprise Portal 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message.
CVE-2008-0201 1 Expressionengine 1 Expressionengine 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameter.
CVE-2008-0268 1 Eticket 1 Eticket 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVE-2008-0274 1 Drupal 1 Drupal 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML via crafted links involving theme .tpl.php files.
CVE-2008-0284 1 Simple Machines 1 Simple Machines Smf 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) Itemid or (2) topic arguments.
CVE-2008-0335 1 Bugtracker.net 1 Bugtracker.net 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in BugTracker.NET before 2.7.2 allows remote attackers to inject arbitrary web script or HTML via an arbitrary custom text field.
CVE-2008-0354 1 Ibm 1 Lotus Sametime 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the chat client in IBM Lotus Sametime 7.5 and 7.5.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted message, which triggers code execution after a mouseover event initiated by the victim.
CVE-2008-0362 1 Clever Copy 1 Clever Copy 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in gallery.php in Clever Copy 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the album parameter.
CVE-2009-3146 1 Articlefriend 1 Articlefriend Script 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search_advance.php in ArticleFriend Script allows remote attackers to inject arbitrary web script or HTML via the SearchWd parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0426 1 Pacercms 1 Pacercms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PacerCMS before 0.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) headline, or (3) text field in a message.
CVE-2008-0381 1 Mahara 1 Mahara 2026-04-23 N/A
Unspecified vulnerability in Mahara before 0.9.1 has unknown impact and remote attack vectors, probably related to cross-site scripting (XSS) in uploaded files.
CVE-2007-5806 1 Ilias 1 Ilias 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8.3 and earlier allows remote attackers to inject arbitrary web script or HTML via attributes inside a domain-name string in the (1) mailing or (2) forum component, as demonstrated using the style and onmouseover HTML attributes.
CVE-2008-0398 1 Aflog 1 Aflog 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form.
CVE-2008-0400 2 Modern, Singapore 2 Modern, Singapore 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in header.tpl.php in the modern template for Singapore 0.10.1 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter to default.php.