Total
28674 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1560 | 1 Digiappz | 1 Digidomain | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Digiappz DigiDomain 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) domain parameter to lookup_result.asp, and the (2) word1 and (3) word2 parameters to suggest_result.asp. | |||||
| CVE-2009-3668 | 1 Promosi-web | 1 Ardguest | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ardguest.php in Ardguest 1.8 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2009-3666 | 1 Nullam | 1 Nullam Blog | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote attackers to inject arbitrary web script or HTML via the e parameter in an error action. | |||||
| CVE-2008-2675 | 1 Softcomplex | 1 Php Image Gallery | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Image Gallery allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2975 | 1 Tinx Cms | 1 Tinx Cms | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter. | |||||
| CVE-2009-4157 | 2 Joomla, Joomlatune | 2 Joomla\!, Com Proofreader | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in (1) 404 or (2) error pages. | |||||
| CVE-2008-2026 | 1 Rsa | 1 Authentication Agent | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258, and other versions before 5.3.3.378, allows remote attackers to inject arbitrary web script or HTML via a URL-encoded postdata parameter. NOTE: this is different than CVE-2005-1118, but it might be the same as CVE-2008-1470. | |||||
| CVE-2009-2131 | 1 4homepages | 1 4images | 2024-02-04 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML by providing a crafted user_homepage parameter to member.php, and then posting a comment associated with a picture. | |||||
| CVE-2009-1715 | 1 Apple | 1 Safari | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to script execution with incorrect privileges. | |||||
| CVE-2008-6448 | 1 Skyarc | 1 Mtcms Wysiwyg Editor | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6597 | 1 Phpcredo | 1 Phcdownload | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-6495 | 1 Zirkon Box | 1 Yappa-ng | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter. | |||||
| CVE-2009-0502 | 2 Moodle, Snoopy | 2 Moodle, Snoopy | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when the "Login as" feature is used to visit a MyMoodle or Blog page. | |||||
| CVE-2008-4485 | 1 Bluecoat | 1 Security Gateway Os | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
| CVE-2008-2131 | 1 Myvietnam | 1 Mvnforum | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mvnForum 1.1 GA allows remote authenticated users to inject arbitrary web script or HTML via the topic field, which is later displayed by user/viewthread.jsp through use of the "quick reply button." | |||||
| CVE-2008-6385 | 1 W3matter | 1 Revsense | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in W3matter RevSense 1.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter. | |||||
| CVE-2009-0679 | 1 Ravenphpscripts | 1 Ravennuke | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Your Account module in RavenNuke 2.30 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-3505 | 1 Polypager | 1 Polypager | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI. | |||||
| CVE-2008-7017 | 1 Cacert | 1 Cacert | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in analyse.php in CAcert 20080921, and possibly other versions before 20080928, allows remote attackers to inject arbitrary web script or HTML via the CN (CommonName) field in the subject of an X.509 certificate. | |||||
| CVE-2009-1614 | 1 Gowondesigns | 1 Leap | 2024-02-04 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the msg parameter (aka the message in an article comment) or (2) the searchterm parameter (aka the search post form). NOTE: some of these details are obtained from third party information. | |||||