Export limit exceeded: 347834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45694 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4836 | 1 Phpmyquote | 1 Phpmyquote | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an edit action. | ||||
| CVE-2008-5513 | 4 Canonical, Debian, Mozilla and 1 more | 6 Ubuntu Linux, Debian Linux, Firefox and 3 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data. | ||||
| CVE-2008-0455 | 2 Apache, Redhat | 6 Http Server, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by uploading a file with a name containing XSS sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file. | ||||
| CVE-2008-0539 | 1 F5 | 1 Big-ip Application Security Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Security Manager (ASM) 9.4.3 allows remote attackers to inject arbitrary web script or HTML via the report_type parameter. | ||||
| CVE-2009-3567 | 1 Kayako | 2 Esupport, Supportsuite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in modules/tickets/functions_ticketsui.php in Kayako SupportSuite and eSupport 3.60.04 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the staff control panel, a different vector than CVE-2007-1145. | ||||
| CVE-2008-2168 | 1 Apache | 1 Http Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly handled when displaying the 403 Forbidden error page. | ||||
| CVE-2009-3562 | 1 Xerver | 1 Xerver | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action. | ||||
| CVE-2007-4633 | 1 Cisco | 2 Call Manager, Unified Communications Manager | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728. | ||||
| CVE-2008-1304 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) inviteemail parameter in an invite action to wp-admin/users.php and the (2) to parameter in a sent action to wp-admin/invites.php. | ||||
| CVE-2007-6564 | 1 Limbo Cms | 1 Limbo Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS 1.0.4.2 allows remote attackers to inject arbitrary web script or HTML via the com_option parameter. | ||||
| CVE-2007-0175 | 1 B2evolution | 1 B2evolution | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter. | ||||
| CVE-2006-5168 | 1 Simon Brown | 1 Pebble | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2009-3757 | 1 Citrix | 1 Xencenterweb | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to config/edituser.php; (2) location, (3) sessionid, and (4) vmname parameters to console.php; (5) vmrefid and (6) vmname parameters to forcerestart.php; and (7) vmname and (8) vmrefid parameters to forcesd.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5203 | 1 Poweraward | 1 Poweraward | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in external_vote.php in PowerAward 1.1.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the l_vote_done parameter. | ||||
| CVE-2007-4189 | 1 Joomla | 1 Joomla\! | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, (2) com_content, and (3) mod_login components. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6162 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php in TikiWiki 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the pageAlias parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3917 | 1 Ovidentia | 1 Ovidentia | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to inject arbitrary web script or HTML via the field parameter in a search action. | ||||
| CVE-2007-1519 | 1 Phpnuke | 1 Php-nuke | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in PHP-Nuke 8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the Downloads module, a different product than CVE-2006-3948. | ||||
| CVE-2008-3923 | 1 Hans Oesterholt | 1 Cmme | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in statistics.php in Content Management Made Easy (CMME) 1.12 allow remote attackers to inject arbitrary web script or HTML via the (1) page and (2) year parameters in an hstat_year action. | ||||
| CVE-2007-3694 | 1 Getmiro | 1 Broadcast Machine | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | ||||