Export limit exceeded: 45574 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45574 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1879 | 1 Adobe | 1 Flex Sdk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2009-1880 | 1 Mt312 | 1 Rep-bbs | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) model.php and (2) config.php with timestamps before 20090521. | ||||
| CVE-2009-1908 | 1 Openskip | 1 Skip | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1934 | 1 Sun | 2 Java System Web Server, One Web Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error. | ||||
| CVE-2009-1937 | 1 Lightneasy | 1 Lightneasy | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the comment posting feature in LightNEasy 2.2.1 "no database" (aka flat) and 2.2.2 SQLite allows remote attackers to inject arbitrary web script or HTML via the (1) commentname (aka Author), (2) commentemail (aka Email), and (3) commentmessage (aka Comment) parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1939 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1940 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1942 | 1 Drupal | 1 Quiz | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or quiz questions access, to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2020 | 1 Virtuenetz | 1 Virtue News Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in news_detail.php in Virtue News Manager allows remote attackers to inject arbitrary web script or HTML via the nid parameter. | ||||
| CVE-2009-2032 | 1 Pagedowntech | 1 Pdshoppro | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2009-2033 | 1 Ricardo Alexandre De Oliveira Staudt | 1 Yogurt | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2009-2041 | 1 Activecollab | 1 Activecollab | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab 0.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1772. | ||||
| CVE-2009-2048 | 1 Cisco | 6 Crs, Customer Response Applications, Ip Qm and 3 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors. | ||||
| CVE-2009-2571 | 1 Verliadmin | 1 Verliadmin | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in VerliAdmin 0.3.7 and 0.3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the URI, (2) the q parameter, (3) the nick parameter, or (4) the nick parameter in a bantest action. | ||||
| CVE-2009-2581 | 1 Editeurscripts | 1 Esnews | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in modifier.php in EditeurScripts EsNews 1.2 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2009-2588 | 1 Resalecode | 1 Hotscripts Type Php Clone Script | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php. | ||||
| CVE-2009-2589 | 1 Resalecode | 1 Hutscripts Php Website Script | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP Website Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php. | ||||
| CVE-2009-2594 | 1 Censura | 1 Censura | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in censura.php in Censura 1.16.04 allows remote attackers to inject arbitrary web script or HTML via the itemid parameter in a details action. | ||||
| CVE-2009-3565 | 1 Mcafee | 1 Intrushield Network Security Manager | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee IntruShield Network Security Manager (NSM) before 5.1.11.6 allow remote attackers to inject arbitrary web script or HTML via the (1) iaction or (2) node parameter. | ||||
| CVE-2009-2610 | 2 Drupal, Scott Courtney | 2 Drupal, Links Package | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Links Related module in the Links Package 5.x before 5.x-1.13 and 6.x before 6.x-1.2, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via the title field. | ||||