Export limit exceeded: 347282 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45652 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45652 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0594 | 1 Apmuthu | 1 Phpskelsite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2009-0575 | 1 Drupal | 1 Views Bulk Operations | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the theme_views_bulk_operations_confirmation function in views_bulk_operations.module in Views Bulk Operations 5.x before 5.x-1.3 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to node titles. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3437 | 2 Drupal, Henriksjokvist | 2 Drupal, Markdown Preview | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the live preview feature in the Markdown Preview module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via "Markdown input." | ||||
| CVE-2009-0540 | 1 Insightinformatics | 1 Libero | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Libero 5.3 SP5, and possibly other versions before 5.5 SP1, allows remote attackers to inject arbitrary web script or HTML via the search term field. | ||||
| CVE-2009-0533 | 1 Scripts-for-sites | 1 Ez Reminder | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in password.php in Scripts for Sites EZ Reminder allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-0532 | 1 Scripts-for-sites | 1 Ez Baby | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in password.php in Scripts For Sites (SFS) EZ Baby allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving the u2 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-0529 | 1 Electrictoad | 1 Snippetmaster Webpage Editor | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in SnippetMaster Webpage Editor 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the language parameter. | ||||
| CVE-2009-0502 | 2 Moodle, Snoopy | 2 Moodle, Snoopy | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when the "Login as" feature is used to visit a MyMoodle or Blog page. | ||||
| CVE-2009-0500 | 1 Moodle | 1 Moodle | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via crafted log table information that is not properly handled when it is displayed in a log report. | ||||
| CVE-2009-0488 | 1 Phorum | 1 Phorum | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-0487 | 1 Mahara | 1 Mahara | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows remote attackers to inject arbitrary web script or HTML via a crafted forum post. | ||||
| CVE-2009-0481 | 1 Mozilla | 1 Bugzilla | 2026-04-23 | N/A |
| Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote authenticated users to conduct cross-site scripting (XSS) and related attacks by uploading HTML and JavaScript attachments that are rendered by web browsers. | ||||
| CVE-2009-0204 | 1 Hp | 1 Select Access | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-0162 | 2 Apple, Microsoft | 5 Mac Os X, Mac Os X Server, Safari and 2 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL. | ||||
| CVE-2009-0107 | 1 Phpauctions | 1 Phpauctions | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. | ||||
| CVE-2009-0063 | 1 Symantec | 1 Brightmail Gateway Appliance | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-0038 | 1 Apache | 1 Geronimo | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) ip, (3) username, or (4) description parameter to console/portal/Server/Monitoring; or (5) the PATH_INFO to the default URI under console/portal/. | ||||
| CVE-2009-0026 | 1 Apache | 1 Jackrabbit | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Apache Jackrabbit before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.jsp or (2) swr.jsp. | ||||
| CVE-2008-2165 | 1 Cisco | 1 Building Broadband Service Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in AccessCodeStart.asp in Cisco Building Broadband Service Manager (BBSM) Captive Portal 5.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2009-3420 | 1 Intesync | 1 Miniweb | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in the Publisher module 2.0 for Miniweb allow remote attackers to inject arbitrary web script or HTML via the (1) begin parameter and the (2) PATH_INFO. | ||||