Export limit exceeded: 46797 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46797 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4255 | 2 Joomla, Youjoomla | 2 Joomla\!, You\!hostit\! | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the You!Hostit! template 1.0.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the created_by_alias parameter in index.php. | ||||
| CVE-2009-2240 | 1 Ad2000 | 1 Free-sw Leger | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka Web Conference Room Free) 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-2962 | 1 Myblog | 1 Myblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php. | ||||
| CVE-2008-2979 | 1 Ourvideo Cms | 1 Ourvideo Cms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameters. | ||||
| CVE-2008-0919 | 1 Open Source Security Information Management | 1 Os-sim | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and earlier allows remote attackers to inject arbitrary web script or HTML via the dest parameter. | ||||
| CVE-2008-5338 | 1 Multimania | 2 Bandsite Portal System, Bandwebsite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in info.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to inject arbitrary web script or HTML via the section parameter. | ||||
| CVE-2007-6726 | 2 Apache, Dojotoolkit | 2 Struts, Dojo | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Struts and other products, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) xip_client.html and (2) xip_server.html in src/io/. | ||||
| CVE-2008-3966 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via (1) a certain referrer field in usercp2.php, (2) a certain location field in inc/functions_online.php, and certain (3) tsubject and (4) psubject fields in moderation.php. | ||||
| CVE-2006-6046 | 1 Epic Designs | 1 Eggblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eggblog 3.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) edit parameter to (a) admin/articles.php or (b) admin/comments.php, or the (2) add parameter to admin/users.php. | ||||
| CVE-2008-3771 | 1 Pars4u | 1 Videosharing | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter. | ||||
| CVE-2008-6433 | 1 Blueriver | 1 Sava Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action. | ||||
| CVE-2007-3761 | 1 Apple | 3 Iphone, Iphone Os, Safari | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1 allows remote attackers to inject arbitrary web script or HTML by causing Javascript events to be applied to a frame in another domain. | ||||
| CVE-2008-3846 | 1 Aquagardensoft | 1 Mysql-lists | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-6386 | 1 1scripts | 1 Z1exchange | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2007-0478 | 1 Apple | 3 Mac Os X, Safari, Webcore | 2026-04-23 | N/A |
| WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML comments in TITLE elements, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within an HTML comment. | ||||
| CVE-2009-1938 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to database output and the frontend administrative panel. | ||||
| CVE-2008-6173 | 1 Clip-share | 1 Clipshare | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in fullscreen.php in ClipShare Pro 4.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter. | ||||
| CVE-2008-7140 | 1 Alexguestbook | 1 \@lex Guestbook | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in @lex Guestbook 4.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) language_setup parameter to setup.php or (2) test parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: a third party has been reported that the test parameter is not used in @lex Guestbook. | ||||
| CVE-2008-6879 | 1 Apache | 1 Roller | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action. | ||||
| CVE-2008-6130 | 1 Mozilo | 1 Mozilowiki | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters. | ||||