Export limit exceeded: 13749 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21726 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45684 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45684 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5056 | 1 Activecampaign | 1 Triolive | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in department_offline_context.php in ActiveCampaign TrioLive before 1.58.7 allows remote attackers to inject arbitrary web script or HTML via the department_id parameter to index.php. | ||||
| CVE-2008-5059 | 1 Modernbill | 1 Modernbill | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in ModernBill 4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript event in the new_language parameter in a login action. | ||||
| CVE-2008-5061 | 1 Smolinari | 1 Mini Web Calendar | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2008-5067 | 1 Kkeim | 1 Kmita Catalogue | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Kmita Catalogue 2.x allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5068 | 1 Kkeim | 1 Kmita Gallery | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery allow remote attackers to inject arbitrary web script or HTML via the (1) begin parameter to index.php and the (2) searchtext parameter to search.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5080 | 1 Awstats | 1 Awstats | 2026-04-23 | N/A |
| awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the query_string parameter. NOTE: this issue exists because of an incomplete fix for CVE-2008-3714. | ||||
| CVE-2008-5093 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the HTTP Protocol Stack (HTTPSTK) in Novell eDirectory before 8.8 SP3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-5095 | 1 Novell | 2 Identity Manager Roles Based Provisioning Module, User Application | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based Provisioning Module 3.6.0 and 3.6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-5942 | 1 Modxcms | 1 Modxcms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MODx before 0.9.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the preserveUrls function and (2) "username input." NOTE: vector 2 may be related to CVE-2008-5939. | ||||
| CVE-2008-5944 | 1 Navboard | 1 Navboard | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 (2.6.0) allows remote attackers to inject arbitrary web script or HTML via the module parameter. | ||||
| CVE-2008-5971 | 1 I-netsolution | 1 Orkut Clone | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2008-5976 | 1 Preprojects | 1 Php Jobwebsite Pro | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO allow remote attackers to inject arbitrary web script or HTML via (1) the adname parameter in a Submit action or (2) the UserName field. | ||||
| CVE-2008-5979 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter. | ||||
| CVE-2008-5995 | 1 Typo3 | 2 Freecap Captcha Extension, Typo3 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_freecap) extension before 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-5996 | 2 Drupal, Link3 | 2 Drupal, Simplenews | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x before 5.x-1.5 and 6.x before 6.x-1.0-beta4, a module for Drupal, allows remote authenticated users, with "administer taxonomy" permissions, to inject arbitrary web script or HTML via a Newsletter category field. | ||||
| CVE-2009-3195 | 1 Jce-tech | 1 Auction Rss Content Script | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2) search.php. | ||||
| CVE-2008-5999 | 1 Drupal | 2 Ajax Checklist, Drupal | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Ajax Checklist module 5.x before 5.x-1.1 for Drupal allows remote authenticated users, with create and edit permissions for posts, to inject arbitrary web script or HTML via unspecified vectors involving the ajax_checklist filter. | ||||
| CVE-2008-6004 | 1 Aj Square | 1 Aj Auction | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter. | ||||
| CVE-2009-3186 | 1 Videogirls | 1 Videogirls Biz | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profile_name parameter to profile.php, and (3) p parameter to view.php. | ||||
| CVE-2008-6035 | 1 Achievo | 1 Achievo | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter. | ||||