Export limit exceeded: 45652 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45652 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3331 | 1 Mantis | 1 Mantis | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter. | ||||
| CVE-2008-6400 | 1 Refbase | 1 Refbase | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 allows remote attackers to inject arbitrary web script or HTML via the headerMsg parameter to (1) show.php and (2) search.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3334 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MyBB 1.2.x before 1.2.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving search.php. | ||||
| CVE-2008-3336 | 1 Punbb | 1 Punbb | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PunBB before 1.2.19 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) include/parser.php and (2) moderate.php. | ||||
| CVE-2009-1524 | 1 Mortbay | 1 Jetty | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17 allows remote attackers to inject arbitrary web script or HTML via a directory listing request containing a ; (semicolon) character. | ||||
| CVE-2008-3344 | 1 Myiosoft | 1 Easye-cards | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a allow remote attackers to inject arbitrary web script or HTML via the (1) ResultHtml, (2) dir, (3) SenderName, (4) RecipientName, (5) SenderMail, and (6) RecipientMail parameters. | ||||
| CVE-2007-5809 | 1 Hitachi | 14 Cosminexus Application Server Enterprise, Cosminexus Application Server Standard, Cosminexus Developer Light Version 6 and 11 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page. | ||||
| CVE-2007-0780 | 3 Canonical, Mozilla, Redhat | 4 Ubuntu Linux, Firefox, Seamonkey and 1 more | 2026-04-23 | N/A |
| browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI. | ||||
| CVE-2008-3505 | 1 Polypager | 1 Polypager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI. | ||||
| CVE-2008-3516 | 1 Adobe | 1 Presenter | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in files generated by Adobe Presenter 6 and 7 before 7.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) viewer.swf and (2) loadflash.js, a different vulnerability than CVE-2008-3515. | ||||
| CVE-2008-6448 | 1 Skyarc | 1 Mtcms Wysiwyg Editor | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-0830 | 1 Jelsoft | 1 Vbulletin | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Admin Control Panel (AdminCP) in Jelsoft vBulletin 3.6.4 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified vectors related to the (1) User Group Manager, (2) User Rank Manager, (3) User Title Manager, (4) BB Code Manager, (5) Attachment Manager, (6) Calendar Manager, and (7) Forums & Moderators functions. NOTE: the vendor disputes this issue, stating that modifying HTML is an intended privilege of an administrator. NOTE: it is possible that this issue overlaps CVE-2006-6040 | ||||
| CVE-2008-6450 | 1 Under Construction Baby | 1 Pc2m | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2007-6126 | 1 Project Alumni | 1 Project Alumni | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the year parameter to (1) xml/index.php; or (2) the year parameter to view.page.inc.php, which is reachable through a view action to the top-level index.php. | ||||
| CVE-2007-6136 | 1 M2scripts | 1 My Space Scripts Poll Creator | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in M2Scripts MySpace Scripts Poll Creator allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) intro, and (3) question parameters, and (4) unspecified answer parameters, in a create_new action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0523 | 1 Adobe | 2 Robohelp, Robohelp Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log. | ||||
| CVE-2007-6270 | 1 Xigla | 1 Absolute News Manager.net | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) rmore parameter to xlaabsolutenm.aspx and the (2) template parameter to pages/default.aspx. | ||||
| CVE-2009-0524 | 1 Adobe | 2 Robohelp, Robohelp Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7, allows remote attackers to inject arbitrary web script or HTML via vectors involving files produced by RoboHelp. | ||||
| CVE-2009-0525 | 1 Modernmethod | 1 Sajax | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the sajax_get_common_js function in php/Sajax.php in Sajax 0.12 allows remote attackers to inject arbitrary web script or HTML via the URL parameter, which is not properly handled when using browsers that do not URL-encode requests, such as Internet Explorer 6. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6476 | 1 Dotnetblogengine | 1 Blogengine.net | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||