Export limit exceeded: 45638 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45638 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6164 | 1 Dreamcost | 1 Hostadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in DreamCost HostAdmin 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2008-6161 | 1 Sourceforge | 1 Wow Raid Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in WOW Raid Manager (WRM) before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-6144 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-3029. | ||||
| CVE-2008-6135 | 1 Drupal | 2 Drupal, Everyblog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in EveryBlog 5.x and 6.x, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-6127 | 1 Mozilo | 1 Mozilocms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) page and (2) query parameters to (a) index.php, (3) cat and (4) file parameters to (b) download.php, (5) gal parameter to gallery.php, and the (6) URL to admin/login.php. | ||||
| CVE-2008-6113 | 1 Semanticscuttle | 1 Semanticscuttle | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.90 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the (1) username and (2) profile page. | ||||
| CVE-2008-6108 | 1 Gwm | 1 Galatolo Webmanager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter. | ||||
| CVE-2008-6105 | 1 Ibm | 2 Workplace For Business Controls And Reporting, Workplace Web Content Management | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Workplace for Business Controls and Reporting 2.x and IBM Workplace Web Content Management 6.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6096 | 1 Juniper | 1 Netscreen Screenos | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page. | ||||
| CVE-2008-6095 | 1 Opennms | 1 Opennms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in surveillanceView.htm in OpenNMS 1.5.94 allows remote attackers to inject arbitrary web script or HTML via the viewName parameter. | ||||
| CVE-2008-6087 | 1 Camera Life | 1 Camera Life | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | ||||
| CVE-2008-6062 | 1 Adobe | 1 Dreamweaver | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. NOTE: this may overlap CVE-2007-6242, CVE-2007-6244, or CVE-2007-6637. | ||||
| CVE-2008-6060 | 1 Infosoftglobal | 1 Fusion Charts | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by InfoSoft FusionCharts allows remote attackers to inject arbitrary additional SWF content via a URL in the SRC attribute of an IMG element in the dataURL parameter. | ||||
| CVE-2008-6047 | 1 Adbnewssender | 1 Adbnewssender | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing. | ||||
| CVE-2008-6044 | 1 Xt-commerce | 1 Xt-commerce | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in advanced_search_result.php in xt:Commerce 3.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | ||||
| CVE-2008-6041 | 1 Dataspade | 1 Dataspade | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ViewName, (2) TableName, (3) OrderBy, and (4) FilterField parameters. | ||||
| CVE-2008-6035 | 1 Achievo | 1 Achievo | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter. | ||||
| CVE-2008-6004 | 1 Aj Square | 1 Aj Auction | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter. | ||||
| CVE-2008-5999 | 1 Drupal | 2 Ajax Checklist, Drupal | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Ajax Checklist module 5.x before 5.x-1.1 for Drupal allows remote authenticated users, with create and edit permissions for posts, to inject arbitrary web script or HTML via unspecified vectors involving the ajax_checklist filter. | ||||
| CVE-2008-5996 | 2 Drupal, Link3 | 2 Drupal, Simplenews | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x before 5.x-1.5 and 6.x before 6.x-1.0-beta4, a module for Drupal, allows remote authenticated users, with "administer taxonomy" permissions, to inject arbitrary web script or HTML via a Newsletter category field. | ||||