Export limit exceeded: 46633 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46633 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0378 | 1 Joomla | 2 Com Beamospetition, Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action. | ||||
| CVE-2009-0273 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments. | ||||
| CVE-2006-7074 | 1 Smartsitecms | 1 Smartsitecms | 2026-04-23 | N/A |
| admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain administrator privileges by setting the userName cookie. | ||||
| CVE-2008-1458 | 1 Cs-cart | 1 Cs-cart | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in CS-Cart 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a products search action. NOTE: it was also reported that 1.3.5-SP2 trial edition is also affected. | ||||
| CVE-2008-2563 | 1 Samtodo | 1 Samtodo | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) dsp_main.php and (2) dsp_task_editor.php in SamTodo 1.1 allow remote attackers to inject arbitrary web script or HTML via the (a) tid parameter in a main.taskeditor edit action, and the (b) completed parameter in a main.default action, to index.php. | ||||
| CVE-2009-0338 | 1 Dmxready | 1 Blog Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action. | ||||
| CVE-2009-2107 | 1 Webmediaexplorer | 1 Webmedia Explorer | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Webmedia Explorer (webmex) 5.09 and 5.10 allow remote attackers to inject arbitrary web script or HTML via event handlers such as onmouseover in the (1) search or (2) tag parameters; (3) arbitrary invalid parameter names that are not properly handled when triggered on a column; (4) bookmark parameter in an edit action; or (5) email parameter in a remember action. | ||||
| CVE-2008-3340 | 1 Jobbex | 1 Jobsite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search_result.cfm in Jobbex JobSite allows remote attackers to inject arbitrary web script or HTML via the searchFor variable (possibly the opt parameter.) | ||||
| CVE-2008-3348 | 1 Myiosoft | 1 Easydynamicpages | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the year parameter. | ||||
| CVE-2008-3353 | 1 Puresw | 1 Lore | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature. | ||||
| CVE-2008-3367 | 1 Webwizguide | 1 Web Wiz Rich Text Editor | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web Wiz Rich Text Editor (RTE) 3.x and 4.x before 4.03 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | ||||
| CVE-2008-3404 | 1 Mdsjack | 1 Mjguest | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.js.php in MJGuest 6.8 GT allows remote attackers to inject arbitrary web script or HTML via the link parameter. | ||||
| CVE-2007-5979 | 1 F5 | 1 Firepass 4100 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 through 5.5.2 and 6.0 through 6.0.1 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter. | ||||
| CVE-2008-3457 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php. | ||||
| CVE-2008-3505 | 1 Polypager | 1 Polypager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI. | ||||
| CVE-2008-3572 | 1 Pligg | 1 Pligg Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Pligg 9.9.5 allows remote attackers to inject arbitrary web script or HTML via the category parameter. | ||||
| CVE-2008-3622 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5 through 10.5.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message that reaches a mailing-list archive, aka "persistent JavaScript injection." | ||||
| CVE-2009-2240 | 1 Ad2000 | 1 Free-sw Leger | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka Web Conference Room Free) 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2283 | 1 Sun | 2 Java Web Console, Solaris | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 through 3.0.5, and Sun Java Web Console in Solaris 10, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2284 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark. | ||||