Export limit exceeded: 45604 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45604 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5161 | 1 I-systems Inc. | 1 Feedreader | 2026-04-23 | N/A |
| Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. NOTE: this was originally reported as XSS. | ||||
| CVE-2007-5179 | 1 Y\&k Iletisim Formu | 1 Y\&k Iletisim Formu | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in iletisim.asp in Y&K Iletisim Formu allow remote attackers to inject arbitrary web script or HTML via the (1) ad, (2) sehir, (3) yas, (4) cins, (5) tel, (6) mail, and (7) mesaj parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5182 | 1 Netkamp | 1 Netkamp Emlak Scripti | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in mail.asp in Netkamp Emlak Scripti allows remote attackers to inject arbitrary web script or HTML via the (1) Email parameter, and possibly the (2) Ad, (3) Soyad, (4) Konu, and (5) Mesaj parameters to iletisim.asp. | ||||
| CVE-2007-5183 | 1 Megasol | 1 Odysseysuite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Mailbox.mws in OdysseySuite, possibly 4.0.729, allows remote attackers to inject arbitrary web script or HTML via the idkey parameter. | ||||
| CVE-2007-5211 | 1 Arbor Networks | 1 Peakflow Sp | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Arbor Networks Peakflow SP 3.5.1 before patch 14, and 3.6.1 before patch 5, when scope accounts are enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving GET or POST requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5212 | 1 Axis | 2 2100 Network Camera, 2100 Network Camera Firmware | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via (1) parameters associated with saved settings, as demonstrated by the conf_SMTP_MailServer1 parameter to ServerManager.srv; or (2) the subpage parameter to wizard/first/wizard_main_first.shtml. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings. | ||||
| CVE-2007-5214 | 1 Axis | 1 2100 Network Camera | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings. | ||||
| CVE-2007-5218 | 1 Don Barnes | 1 Drbguestbook | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Don Barnes DRBGuestbook 1.1.13 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | ||||
| CVE-2007-5235 | 1 Uebimiau | 1 Uebimiau | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Uebimiau 2.7.2 through 2.7.10 allows remote attackers to inject arbitrary web script or HTML via the f_email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5255 | 1 Google | 1 Mini Search Appliance | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote attackers to inject arbitrary web script or HTML via the ie parameter to the /search URI. | ||||
| CVE-2007-5292 | 1 Splitside | 1 Directory Image Gallery | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in photos.cfm in Directory Image Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the backwardDirectory parameter. | ||||
| CVE-2007-5295 | 1 Wikepage | 1 Opus | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in (a) Wikepage Opus 13 2007.2 and (b) TipiWiki 2 allow remote attackers to inject arbitrary web script or HTML via the (1) PageContent and (2) PageName parameters. | ||||
| CVE-2007-5296 | 1 Livio Siri | 1 Dblist | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in dblisttest.asp in dbList 8.1 allow remote attackers to inject arbitrary web script or HTML via the (1) db, (2) pagesize, (3) sort, (4) strKeyWords, and (5) table parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4196 | 1 Huawei | 1 Mt882 V100t002b020 Arg-t | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or HTML via the (1) BackButton parameter to error_1; (2) wzConnFlag parameter to fresh_pppoe_1; (3) diag_pppindex_argen and (4) DiagStartFlag parameters to rpDiag_argen_1; (5) wzdmz_active and (6) wzdmzHostIP parameters to rpNATdmz_argen_1; (7) wzVIRTUALSVR_endPort, (8) wzVIRTUALSVR_endPortLocal, (9) wzVIRTUALSVR_IndexFlag, (10) wzVIRTUALSVR_localIP, (11) wzVIRTUALSVR_startPort, and (12) wzVIRTUALSVR_startPortLocal parameters to rpNATvirsvr_argen_1; (13) Connect_DialFlag, (14) Connect_DialHidden, and (15) Connect_Flag parameters to rpStatus_argen_1; (16) Telephone_select, and (17) wzFirstFlag parameters to rpwizard_1; and (18) wzConnectFlag parameter to rpwizPppoe_1. | ||||
| CVE-2007-5297 | 1 Minki | 1 Minki | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Minki 1.30 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2007-5302 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-5303 | 1 Snewscms | 1 Snewscms Rus | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS Rus 2.1 allows remote attackers to inject arbitrary web script or HTML via the page_id parameter. | ||||
| CVE-2007-5304 | 1 Yannick Tanguy | 1 Else If Cms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote parameter to utilisateurs/votesresultats.php, and the (3) elseifforumtxtmenugeneraleduforum parameter to moduleajouter/depot/adminforum.php. | ||||
| CVE-2007-5312 | 1 Torrenttrader | 1 Torrenttrader | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 allows remote attackers to inject arbitrary web script or HTML via the (1) color parameter to pjirc/css.php and the (2) cat parameter to browse.php. | ||||
| CVE-2007-5370 | 1 Netwin | 1 Dnewsweb | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNews News Server) 57e1 allow remote attackers to inject arbitrary web script or HTML via the (1) group or (2) utag parameter. | ||||