Export limit exceeded: 45653 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45653 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2181 | 1 Campware.org | 1 Campsite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin-files/templates/list_dir.php in Campsite 3.3.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the listbasedir parameter. | ||||
| CVE-2009-2211 | 1 Ibm | 1 Rational Clearquest | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7.0.1 before 7.0.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2215 | 1 Urdland | 1 Urd | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in URD before 0.6.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the fatal_error page and unspecified other components. | ||||
| CVE-2009-2217 | 1 Phantom-inker | 1 Nbbc | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in NBBC before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via an invalid URL in a BBCode img tag. | ||||
| CVE-2009-2219 | 1 David Degner | 1 Phpcollegeexchange | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the (1) _SESSION[handle] parameter to (a) home.php, (b) books/allbooks.php, or (c) books/home.php; or the (2) home parameter to (d) i_head.php or (e) i_nav.php, or (f) allbooks.php, (g) home.php, or (h) i_nav.php in books/. | ||||
| CVE-2009-2228 | 1 Kasseler-cms | 1 Kasseler Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in engine.php in Kasseler CMS allows remote attackers to inject arbitrary web script or HTML via the url parameter in a redirect action. | ||||
| CVE-2009-2221 | 1 Php.s3 | 1 Php-i-board | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2226 | 1 Php.s3 | 1 Tree Bbs | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS 2004/11/23 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2268 | 1 Sun | 1 Java System Access Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2284 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark. | ||||
| CVE-2009-2289 | 1 Arcadetradescript | 1 Arcade Trade Script | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Arcade Trade Script 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the q parameter in a gamelist action. | ||||
| CVE-2009-2292 | 1 Appleple | 1 A-news | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2302 | 1 Avatic | 1 Aardvark Topsites Php | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action. NOTE: it was later reported that 5.2.1 is also affected. | ||||
| CVE-2009-2322 | 1 Axesstel | 1 Mv 410r | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/sysconf.cgi on the Axesstel MV 410R allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-2324 | 1 Fckeditor | 1 Fckeditor | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory. | ||||
| CVE-2009-2327 | 1 Max Kervin | 1 Kervinet Forum | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in add_voting.php in KerviNet Forum 1.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the v_variant1 parameter. | ||||
| CVE-2009-2330 | 1 Cms.tut.su | 1 Cms Chainuk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/admin_menu.php in CMS Chainuk 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the menu parameter. | ||||
| CVE-2009-2343 | 1 Zoph | 1 Zoph | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-2352 | 1 Google | 1 Chrome | 2026-04-23 | N/A |
| Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header, a related issue to CVE-2009-1312. NOTE: it was later reported that 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta are also affected. | ||||
| CVE-2009-2360 | 1 Horde | 1 Passwd | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in passwd/main.php in the Passwd module before 3.1.1 for Horde allows remote attackers to inject arbitrary web script or HTML via the backend parameter. | ||||