Export limit exceeded: 45577 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45577 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1418 | 1 Hp | 1 System Management Homepage | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 3.0.1.73 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1448 | 1 Lovpop | 1 Apricot | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in apricot.php in LovPop.net APRICOT, probably 1.20, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | ||||
| CVE-2009-1811 | 1 Collector | 1 Mygesuad | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to inject arbitrary web script or HTML via (1) the Page parameter in a List action to modules/ereignis.php, (2) the Kontext parameter in a Search action to modules/kategorie.php, (3) the image parameter to modules/image.php, or (4) the ID parameter in a Detail action to modules/sitzung.php. | ||||
| CVE-2009-1845 | 1 Lussumo | 1 Vanilla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ajax/updatecheck.php in Lussumo Vanilla 1.1.5 and 1.1.7 allows remote attackers to inject arbitrary web script or HTML via the RequestName parameter. | ||||
| CVE-2009-1874 | 1 Adobe | 1 Jrun | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Adobe JRun 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1875 | 1 Adobe | 1 Coldfusion | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1877. | ||||
| CVE-2009-1877 | 1 Adobe | 1 Coldfusion | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875. | ||||
| CVE-2009-1879 | 1 Adobe | 1 Flex Sdk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.template.html in the express-install templates in the SDK in Adobe Flex before 3.4, when the installed Flash version is older than a specified requiredMajorVersion value, allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2009-1880 | 1 Mt312 | 1 Rep-bbs | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) model.php and (2) config.php with timestamps before 20090521. | ||||
| CVE-2009-1908 | 1 Openskip | 1 Skip | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1934 | 1 Sun | 2 Java System Web Server, One Web Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error. | ||||
| CVE-2009-1937 | 1 Lightneasy | 1 Lightneasy | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the comment posting feature in LightNEasy 2.2.1 "no database" (aka flat) and 2.2.2 SQLite allows remote attackers to inject arbitrary web script or HTML via the (1) commentname (aka Author), (2) commentemail (aka Email), and (3) commentmessage (aka Comment) parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1939 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1940 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1942 | 1 Drupal | 1 Quiz | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Quiz module 5.x, 6.x-2.x before 6.x-2.2, and 6.x-3.x before 6.x-3.0, a module for Drupal, allows remote authenticated users, with create quizzes or quiz questions access, to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2020 | 1 Virtuenetz | 1 Virtue News Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in news_detail.php in Virtue News Manager allows remote attackers to inject arbitrary web script or HTML via the nid parameter. | ||||
| CVE-2009-2032 | 1 Pagedowntech | 1 Pdshoppro | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2009-2033 | 1 Ricardo Alexandre De Oliveira Staudt | 1 Yogurt | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2009-2041 | 1 Activecollab | 1 Activecollab | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab 0.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1772. | ||||
| CVE-2009-2048 | 1 Cisco | 6 Crs, Customer Response Applications, Ip Qm and 3 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX database via unspecified vectors. | ||||