Search Results (83792 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6240 1 Openedit 1 Openedit Digital Asset Management 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in data/views/index.html in OpenEdit Digital Asset Management (DAM) before 5.2014 allows remote attackers to inject arbitrary web script or HTML via the catalogid parameter.
CVE-2008-3771 1 Pars4u 1 Videosharing 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter.
CVE-2009-0805 2 Mihai Bazon, Xoops 2 Pical, Xoops 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php.
CVE-2008-6238 1 Openedit 1 Openedit Digital Asset Management 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in archive/savedqueries/savequeryfinish.html in OpenEdit Digital Asset Management (DAM) before 5.2014 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2008-3781 1 Gmod 1 Gbrowse 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in GMOD GBrowse before 1.69 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1604 1 Perlmailer 1 Perlmailer 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in PerlMailer before 3.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1951 1 Propertymaxpro 1 Propertymax Pro Free 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in PropertyMax Pro FREE 0.3 allows remote attackers to inject arbitrary web script or HTML via the pl parameter in a mi action.
CVE-2009-0424 1 An Guestbook 1 An Guestbook 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook (ANG) before 0.7.7 allows remote attackers to inject arbitrary web script or HTML via the country parameter, which is not properly handled in (1) administrator/manage.php or (2) administrator/trash.php. NOTE: some of these details are obtained from third party information.
CVE-2009-0245 1 Usagi 1 Mynets 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4629.
CVE-2009-1942 1 Drupal 1 Quiz 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or quiz questions access, to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6164 1 Dreamcost 1 Hostadmin 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2009-1939 1 Joomla 1 Joomla 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1937 1 Lightneasy 1 Lightneasy 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the comment posting feature in LightNEasy 2.2.1 "no database" (aka flat) and 2.2.2 SQLite allows remote attackers to inject arbitrary web script or HTML via the (1) commentname (aka Author), (2) commentemail (aka Email), and (3) commentmessage (aka Comment) parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-0679 1 Blogphp 1 Blogphp 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2009-4249 1 Cutephp 1 Cutenews 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in CutePHP CuteNews 1.4.6, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) lastusername and (2) mod parameters to index.php; and (3) the title parameter to search.php.
CVE-2009-1916 1 Gscripts 1 Dns Tools 2026-04-23 N/A
dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the ns parameter.
CVE-2008-7035 2 Phpraider, Simple Machines 2 Phpraider, Phpraider 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in an unspecified component in Simple Machines phpRaider 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the resistance field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1908 1 Openskip 1 Skip 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1716 1 Woltlab 1 Burning Board 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page and (2) form parameters, which are not properly handled when they are reflected back in an error message.
CVE-2008-7036 2 Bcoos, E-xoops 3 Bcoos, Devtracker, E-xoops 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) direction and (2) order_by parameters.