CWE-79 CVEs and Security Vulnerabilities

Export limit exceeded: 347729 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 45689 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45689 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-0274	1 Drupal	1 Drupal	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML via crafted links involving theme .tpl.php files.
CVE-2008-0268	1 Eticket	1 Eticket	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in view.php in eTicket 1.5.5.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVE-2008-0201	1 Expressionengine	1 Expressionengine	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in ExpressionEngine 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameter.
CVE-2008-0181	1 Liferay	1 Liferay Enterprise Portal	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message.
CVE-2007-5414	1 Mozilla	1 Firefox	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0, when UTF-7 document content is rendered directly in UTF-7, allows remote attackers to inject arbitrary web script or HTML via a gopher URI that uses single quote characters to delimit a literal string within an XSS sequence, a related issue to CVE-2007-5415.
CVE-2008-0155	1 Evilboard	1 Evilboard	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to inject arbitrary web script or HTML via the c parameter.
CVE-2009-3105	1 Ibm	1 Domino Web Access	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC.
CVE-2008-0134	1 Snitz Communications	1 Snitz Forums 2000	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Forums/setup.asp in Snitz Forums 2000 3.4.06 and earlier allows remote attackers to inject arbitrary web script or HTML via the MAIL parameter.
CVE-2008-0125	1 Phpstats	1 Phpstats	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in phpstats.php in Michael Wagner phpstats 0.1 alpha allows remote attackers to inject arbitrary web script or HTML via the baseDir parameter.
CVE-2009-3742	1 Liferay	1 Liferay Portal	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Liferay Portal before 5.3.0 allows remote attackers to inject arbitrary web script or HTML via the p_p_id parameter.
CVE-2008-0092	1 Phpwebsite	1 Phpwebsite	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2007-5479	1 Xcomputer	1 Xcomputer	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Search.asp in Xcomputer allows remote attackers to inject arbitrary web script or HTML via the EXPS parameter.
CVE-2007-5480	1 Innovaage	1 Innovashop	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp.
CVE-2007-5728	1 Phppgadmin	1 Phppgadmin	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865.
CVE-2007-5647	1 Socketkb	1 Socketkb	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) art_id or (2) node parameter in an article action to the default URI.
CVE-2007-5727	1 Oneorzero	1 Oneorzero Helpdesk	2026-04-23	N/A
Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site scripting (XSS) attacks and inject arbitrary web script or HTML via XSS sequences without SCRIPT tags in the description parameter to (1) tcreate.php or (2) tupdate.php, as demonstrated using an onmouseover event in a b tag.
CVE-2008-3391	1 Webwizguide	1 Web Wiz Forum	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum 9.5 allow remote attackers to inject arbitrary web script or HTML via the mode parameter to (1) admin_group_details.asp and (2) admin_category_details.asp.
CVE-2007-5625	1 Simongibson	1 Asp Site Search Searchsimon Lite	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site Search SearchSimon Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter.
CVE-2009-2889	1 Phpscriptsnow	1 Hangman	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter.
CVE-2007-5648	1 Rnote	1 Rnote	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) d or the (2) u parameter.

« first previous Page 280 of 2285. next last »