Export limit exceeded: 349199 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349199 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45782 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45782 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0688 | 1 Smartscript | 1 Domain Trader | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in catalog.php in Smartscript Domain Trader 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in a viewcategory action. | ||||
| CVE-2009-2211 | 1 Ibm | 1 Rational Clearquest | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7.0.1 before 7.0.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4157 | 2 Joomla, Joomlatune | 2 Joomla\!, Com Proofreader | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in (1) 404 or (2) error pages. | ||||
| CVE-2008-2842 | 1 Doitlive | 1 Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter. | ||||
| CVE-2009-2048 | 1 Cisco | 6 Crs, Customer Response Applications, Ip Qm and 3 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors. | ||||
| CVE-2008-2855 | 1 Ownrs | 1 Ownrs | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2008-2994 | 1 Phpeasydata | 1 Phpeasydata | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to inject arbitrary web script or HTML via the (1) annuaire parameter to (a) last_records.php and (b) annuaire.php and the (2) by and (3) cat_id parameters to annuaire.php. | ||||
| CVE-2007-5990 | 1 Exo | 1 Exophpdesk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a user profile, possibly the (1) name and (2) website parameters to register.php. | ||||
| CVE-2007-5993 | 1 Vtls | 1 Vtls.web.gateway | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Visionary Technology in Library Solutions (VTLS) vtls.web.gateway before 48.1.1 allows remote attackers to inject arbitrary web script or HTML via the searchtype parameter. | ||||
| CVE-2009-2009 | 1 Dokeos | 1 Dokeos | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) curdirpath parameter to main/document/slideshow.php and the (2) file parameter to main/exercice/testheaderpage.php. | ||||
| CVE-2008-2975 | 1 Tinx Cms | 1 Tinx Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter. | ||||
| CVE-2006-6037 | 1 Leinir | 1 Travelsized Cms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dan Jensen Travelsized CMS 0.4.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) page, (2) page_id, or (3) language parameter. | ||||
| CVE-2008-2967 | 1 Yektaweb | 1 Academic Web Tools | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) query string to login.php and the (2) glb_sid parameter to hta/htmlarea.js.php, and allow remote authenticated users to inject arbitrary web script or HTML via an unspecified field in room.php. | ||||
| CVE-2006-6046 | 1 Epic Designs | 1 Eggblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eggblog 3.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) edit parameter to (a) admin/articles.php or (b) admin/comments.php, or the (2) add parameter to admin/users.php. | ||||
| CVE-2009-4352 | 1 Transware | 1 Active Mail 2003 | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in TransWARE Active! mail 2003 build 2003.0139.0871 and earlier, and possibly other versions before 2003.0139.0939, allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Cc, and (4) Bcc parameters. | ||||
| CVE-2008-2965 | 1 Jaxbot | 1 Jaxultrabb | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter. | ||||
| CVE-2008-2962 | 1 Myblog | 1 Myblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php. | ||||
| CVE-2006-6108 | 1 Ec-cube | 1 Ec-cube | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in EC-CUBE before 1.0.1a-beta allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-2006-6159 | 1 Deskpro | 1 Deskpro | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in DeskPRO 2.0.0 and 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) message or (2) subject parameter. | ||||
| CVE-2009-3469 | 1 Ibm | 1 Lotus Connections | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in profiles/html/simpleSearch.do in IBM Lotus Connections 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | ||||