Export limit exceeded: 347147 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45637 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3305 | 1 Carlos Desseno | 1 Youtube Blog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in mensaje.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to inject arbitrary web script or HTML via the m parameter. | ||||
| CVE-2008-3316 | 1 Portalparts | 1 Forum Plugin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the search feature in the Forum plugin before 2.7.1 for Geeklog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to (1) public_html/index.php, (2) config.php, and (3) functions.inc. | ||||
| CVE-2008-3340 | 1 Jobbex | 1 Jobsite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search_result.cfm in Jobbex JobSite allows remote attackers to inject arbitrary web script or HTML via the searchFor variable (possibly the opt parameter.) | ||||
| CVE-2008-3342 | 1 Myiosoft | 1 Easypublish | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_News action. | ||||
| CVE-2008-3348 | 1 Myiosoft | 1 Easydynamicpages | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the year parameter. | ||||
| CVE-2008-3353 | 1 Puresw | 1 Lore | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the (1) article comments feature and the (2) search log feature. | ||||
| CVE-2008-3358 | 2 Microsoft, Sap | 2 Internet Explorer, Netweaver | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document. | ||||
| CVE-2008-3367 | 1 Webwizguide | 1 Web Wiz Rich Text Editor | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web Wiz Rich Text Editor (RTE) 3.x and 4.x before 4.03 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | ||||
| CVE-2008-3379 | 1 Snarky | 1 Visualpic | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Snark VisualPic 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the pic parameter to the default URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3380 | 1 Myiosoft | 1 Easybookmarker | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the rs parameter. | ||||
| CVE-2008-3381 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3391 | 1 Webwizguide | 1 Web Wiz Forum | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum 9.5 allow remote attackers to inject arbitrary web script or HTML via the mode parameter to (1) admin_group_details.asp and (2) admin_category_details.asp. | ||||
| CVE-2008-3394 | 1 Infomining | 1 Bookmine | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in search.cfm in BookMine allow remote attackers to inject arbitrary web script or HTML via the (1) gallery and (2) search_string parameters. | ||||
| CVE-2008-3397 | 1 Runesoft | 1 Cerberus Cms | 2026-04-23 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS before 3_1.4_0.9 allows remote attackers to inject arbitrary web script or HTML via a cerberus_user cookie. | ||||
| CVE-2008-3448 | 1 Common-solutions | 1 Csphonebook | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in common solutions csphonebook 1.02 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. | ||||
| CVE-2008-3457 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php. | ||||
| CVE-2008-3482 | 1 Panasonic | 8 Bb Hcm511, Bb Hcm515, Bb Hcm527 and 5 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the error page feature in Panasonic Network Camera BL-C111, BL-C131, BB-HCM511, BB-HCM531, BB-HCM580, BB-HCM581, BB-HCM527, and BB-HCM515 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3483 | 1 Screwturn | 1 Screwturn Wiki | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers to inject arbitrary web script or HTML via error messages in the "/admin.aspx - System Log" page. | ||||
| CVE-2008-4591 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in admin/include/isadmin.inc.php in PhpWebGallery 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[access_forbiden] and (2) lang[ident_title] parameters. | ||||
| CVE-2008-4601 | 1 Habari | 1 Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the login feature in Habari CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the habari_username parameter. | ||||