Total
37647 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6533 | 1 Drupal | 1 Drupal | 2025-04-09 | 4.3 MEDIUM | N/A |
| Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related content when an input format is deleted, which prevents the content from being properly filtered and allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. | |||||
| CVE-2008-5330 | 1 Ibm | 1 Rational Clearquest | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web interface in ClearCase RWP server in IBM Rational ClearCase 7.0.0 before 7.0.0.4, and 7.0.1.1-RATL-RCC-IFIX02 and possibly other 7.0.1 versions before 7.0.1.3, allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO of a URI associated with a VOB page. | |||||
| CVE-2009-2569 | 1 Verlihub-project | 1 Verlihub Control Panel | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Verlihub Control Panel (VHCP) 1.7e allow remote attackers to inject arbitrary web script or HTML via (1) the nick parameter in a login action to index.php or (2) the URI in a news request to index.html. | |||||
| CVE-2008-2247 | 1 Microsoft | 1 Exchange Server | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248. | |||||
| CVE-2009-2181 | 1 Campware.org | 1 Campsite | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin-files/templates/list_dir.php in Campsite 3.3.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the listbasedir parameter. | |||||
| CVE-2008-2413 | 1 Acgv.free | 1 Acgv News | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2008-1560 | 1 Digiappz | 1 Digidomain | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Digiappz DigiDomain 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) domain parameter to lookup_result.asp, and the (2) word1 and (3) word2 parameters to suggest_result.asp. | |||||
| CVE-2009-3668 | 1 Promosi-web | 1 Ardguest | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ardguest.php in Ardguest 1.8 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2009-3666 | 1 Nullam | 1 Nullam Blog | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote attackers to inject arbitrary web script or HTML via the e parameter in an error action. | |||||
| CVE-2008-2675 | 1 Softcomplex | 1 Php Image Gallery | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Image Gallery allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-5983 | 1 Justin Hagstrom | 1 Autoindex Php Script | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF). | |||||
| CVE-2008-2975 | 1 Tinx Cms | 1 Tinx Cms | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter. | |||||
| CVE-2009-4157 | 2 Joomla, Joomlatune | 2 Joomla\!, Com Proofreader | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in (1) 404 or (2) error pages. | |||||
| CVE-2008-2026 | 1 Rsa | 1 Authentication Agent | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258, and other versions before 5.3.3.378, allows remote attackers to inject arbitrary web script or HTML via a URL-encoded postdata parameter. NOTE: this is different than CVE-2005-1118, but it might be the same as CVE-2008-1470. | |||||
| CVE-2009-2131 | 1 4homepages | 1 4images | 2025-04-09 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and earlier allows remote authenticated users to inject arbitrary web script or HTML by providing a crafted user_homepage parameter to member.php, and then posting a comment associated with a picture. | |||||
| CVE-2009-1715 | 1 Apple | 1 Safari | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to script execution with incorrect privileges. | |||||
| CVE-2008-6448 | 1 Skyarc | 1 Mtcms Wysiwyg Editor | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-6597 | 1 Phpcredo | 1 Phcdownload | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4403 | 1 Rumbacms | 1 Rumba Xml | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Rumba XML 1.8 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6495 | 1 Zirkon Box | 1 Yappa-ng | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter. | |||||