Export limit exceeded: 349775 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45870 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1213 | 2 Linux, Numara | 2 Linux Kernel, Footprints | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Numara FootPrints for Linux 8.1 allows remote attackers to inject arbitrary web script or HTML via the Title form field when setting an appointment. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1225 | 1 Webct | 1 Webct | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebCT Campus Edition 4.1.5.8, when "Don't wrap text" is enabled, allow remote authenticated users to inject arbitrary web script or HTML via a (1) mail message or (2) discussion board message. NOTE: this might overlap CVE-2005-1076. | ||||
| CVE-2008-1222 | 1 Dokeos | 1 Open Source Learning And Knowledge Management Tool | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Dokeos 1.8.4 before SP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-1224 | 1 Bosdev | 1 Bosclassifieds Classified Ads | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in account.php in BosClassifieds Classified Ads System 3.0 allows remote attackers to inject arbitrary web script or HTML via the returnTo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4140 | 1 Opensolution | 1 Quick.cart | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in Quick.Cart 3.1 allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2008-1258 | 1 D-link | 1 Di-604 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter. | ||||
| CVE-2008-1283 | 1 Silver-forge | 1 Neptune Web Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 allows remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in the 404 error page. | ||||
| CVE-2008-1285 | 2 Redhat, Sun | 2 Jboss Enterprise Application Platform, Jsf | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF) 1.2 before 1.2_08 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-5770 | 1 Phpweather | 1 Phpweather | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2008-1345 | 1 Myiosoft | 1 Easycalendar | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_backend.php in MyioSoft EasyCalendar 4.0tr and earlier allows remote attackers to inject arbitrary web script or HTML via the day parameter in a dayview action. | ||||
| CVE-2007-0891 | 1 Matthieu Aubry | 1 Phpmyvisites | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath function in phpmyvisites.php in phpMyVisites before 2.2 allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2008-1499 | 1 Cpanel | 1 Cpanel | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2008-5761 | 1 Flatnux | 1 Flatnux | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter to the default URI; (2) the foto parameter to photo.php in the 05_Foto module; or (3) the name parameter in an insertrecord action to index.php in the 08_Files module, as demonstrated by injection within a SRC attribute of an IFRAME element. | ||||
| CVE-2008-4742 | 1 Timetrex | 1 Timetrex | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in interface/Login.php in TimeTrex 2.2.11 allow remote attackers to inject arbitrary web script or HTML via the (1) password and (2) user_name parameters. | ||||
| CVE-2008-6654 | 1 Structum | 1 Infobiz Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search_results.php in InfoBiz Server allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | ||||
| CVE-2008-0155 | 1 Evilboard | 1 Evilboard | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to inject arbitrary web script or HTML via the c parameter. | ||||
| CVE-2009-4363 | 1 Horde | 2 Application Framework, Groupware | 2026-04-23 | N/A |
| Text_Filter/lib/Horde/Text/Filter/Xss.php in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 does not properly handle data: URIs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via data:text/html values for the HREF attribute of an A element in an HTML e-mail message. NOTE: the vendor states that the issue is caused by "an XSS vulnerability in Firefox browsers." | ||||
| CVE-2009-2778 | 1 Garagesalesjunkie | 1 Garagesales Script | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in visitor/view.php in GarageSales Script allows remote attackers to inject arbitrary web script or HTML via the key parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3155 | 2 Almondsoft, Joomla | 2 Com Aclassf, Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter. | ||||
| CVE-2009-4346 | 2 Toni Milovan, Typo3 | 2 Fe Rtenews, Typo3 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Frontend news submitter with RTE (fe_rtenews) extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||