Total
28647 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3572 | 1 Pligg | 1 Pligg Cms | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Pligg 9.9.5 allows remote attackers to inject arbitrary web script or HTML via the category parameter. | |||||
| CVE-2009-2119 | 1 F5 | 1 Firepass Ssl Vpn | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the login interface (my.logon.php3) in F5 FirePass SSL VPN 5.5 through 5.5.2 and 6.0 through 6.0.3 allows remote attackers to inject arbitrary web script or HTML via a base64-encoded xcho parameter. | |||||
| CVE-2008-4892 | 1 Planetluc | 1 Mygallery | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in gallery.inc.php in Planetluc MyGallery 1.7.2 and earlier, and possibly other versions before 1.8.1, allows remote attackers to inject arbitrary web script or HTML via the mghash parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4083 | 1 Brim-project | 1 Brim | 2024-02-04 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Bookmarks plugin in Brim 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in an addItemPost action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6094 | 1 Celoxis | 1 Celoxis | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in user.do in Celoxis Technologies Celoxis allows remote attackers to inject arbitrary web script or HTML via the ni.smessage parameter. | |||||
| CVE-2008-2037 | 1 Editeurscripts | 1 Escontacts | 2024-02-04 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EditeurScripts EsContacts 1.0 allow remote authenticated users to inject arbitrary web script or HTML via the msg parameter to (1) login.php, (2) importer.php, (3) add_groupe.php, (4) contacts.php, (5) groupes.php, and (6) search.php. | |||||
| CVE-2009-3303 | 1 Gforge | 1 Gforge | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in www/help/tracker.php in GForge 4.5.14, 4.7 rc2, and 4.8.1 allows remote attackers to inject arbitrary web script or HTML via the helpname parameter. | |||||
| CVE-2008-1794 | 1 Drupal | 1 Webform Module | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Webform Drupal module 5.x before 5.x-1.10, 5.x-2.x before 5.x-2.0-beta3, and 6.x before 6.x-1.0-beta3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-3218 | 2 Drupal, Fedoraproject | 2 Drupal, Fedora | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) free tagging taxonomy terms, which are not properly handled on node preview pages, and (2) unspecified OpenID values. | |||||
| CVE-2009-1908 | 1 Openskip | 1 Skip | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-1873 | 2 Microsoft, Tru-zone | 2 Internet Explorer, Nukeet | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5080 | 1 Awstats | 1 Awstats | 2024-02-04 | 4.3 MEDIUM | N/A |
| awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the query_string parameter. NOTE: this issue exists because of an incomplete fix for CVE-2008-3714. | |||||
| CVE-2009-3256 | 1 Livestreet | 1 Livestreet | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in include/ajax/blogInfo.php in LiveStreet 0.2 allows remote attackers to inject arbitrary web script or HTML via the URI, as demonstrated by a SCRIPT element in an arbitrary parameter such as the asd parameter. | |||||
| CVE-2009-0487 | 1 Mahara | 1 Mahara | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows remote attackers to inject arbitrary web script or HTML via a crafted forum post. | |||||
| CVE-2008-5214 | 1 Clanlite | 1 Clanlite | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in service/calendrier.php in ClanLite 2.2006.05.20 allows remote attackers to inject arbitrary web script or HTML via the annee parameter. | |||||
| CVE-2008-2333 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | |||||
| CVE-2008-2761 | 1 Xigla | 1 Absolute Banner Manager | 2024-02-04 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Banner Manager XE 2.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the text parameter in (1) searchbanners.asp and (2) listadvertisers.asp, and other unspecified fields. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2979 | 1 Ourvideo Cms | 1 Ourvideo Cms | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameters. | |||||
| CVE-2008-5917 | 2 Horde, Microsoft | 2 Application Framework, Internet Explorer | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes. | |||||
| CVE-2008-6386 | 1 1scripts | 1 Z1exchange | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in showads.php in Z1Exchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||