Export limit exceeded: 359603 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46786 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2923 | 1 Lyris | 1 List Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in read/search/results in Lyris ListManager 8.8, 8.95, and 9.3d allows remote attackers to inject arbitrary web script or HTML via the words parameter. | ||||
| CVE-2008-2929 | 2 Fedora, Redhat | 2 Directory Server, Directory Server | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping. | ||||
| CVE-2008-2939 | 5 Apache, Apple, Canonical and 2 more | 6 Http Server, Mac Os X, Ubuntu Linux and 3 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via a wildcard in the last directory component in the pathname in an FTP URI. | ||||
| CVE-2009-1315 | 1 Abk-soft | 1 Ablespace | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter to groups_profile.php, (2) cat_id and (3) razd_id parameters to adv_cat.php, and the (4) URL to blogs_full.php. | ||||
| CVE-2008-2965 | 1 Jaxbot | 1 Jaxultrabb | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter. | ||||
| CVE-2008-2973 | 1 Mm Chat | 1 Mm Chat | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in chathead.php in MM Chat 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sitename and (2) wmessage parameters. | ||||
| CVE-2008-2975 | 1 Tinx Cms | 1 Tinx Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter. | ||||
| CVE-2008-2980 | 1 Homeph Design | 1 Homeph Design | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2.10 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) error_meldung parameter to admin/features/register/register.php, the (2) feature_language[ueberschrift] parameter to admin/features/memberlist/memberlist.php, the (3) language_array[ueberschrift] parameter to admin/features/lostpassword/lostpassword.php, the (4) language_feature[titel] parameter to admin/features/kalender/eingabe.php, and the (5) language_feature[bildmenu] parameter to admin/features/fotogalerie/eingabe.php. | ||||
| CVE-2008-2984 | 1 Cmreams | 1 Cmreams Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in backend/umleitung.php in CMReams CMS 1.3.1.1 Beta 2 allows remote attackers to inject arbitrary web script or HTML via the lang[be_red_text] parameter. | ||||
| CVE-2008-2994 | 1 Phpeasydata | 1 Phpeasydata | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to inject arbitrary web script or HTML via the (1) annuaire parameter to (a) last_records.php and (b) annuaire.php and the (2) by and (3) cat_id parameters to annuaire.php. | ||||
| CVE-2008-2998 | 1 Drupal | 2 Aggregation Module, Drupal | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-1310 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element. | ||||
| CVE-2008-3023 | 2 Fswiki, Microsoft | 2 Freestyle Wiki, Internet Explorer | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.6.2 and earlier, and 3.6.3 dev3 and earlier development versions, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2005-1799. | ||||
| CVE-2008-3028 | 1 Typo3 | 1 Send A Card | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3029 | 1 Typo3 | 1 Wec Discussion Forum | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3037 | 1 Typo3 | 1 Address Directory | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3082 | 1 Commtouch | 1 Enterprise Anti-spam Gateway | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter. | ||||
| CVE-2008-3091 | 1 Drupal | 1 Taxonomy Autotagger Module | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-3098 | 1 Fuzzylime | 1 Fuzzylime Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/usercheck.php in fuzzylime (cms) before 3.03 allows remote attackers to inject arbitrary web script or HTML via the user parameter to the login form. | ||||
| CVE-2008-3100 | 1 Owl | 1 Intranet Knowledgebase | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php. | ||||