Export limit exceeded: 46792 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46792 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1355 | 2 Apache, Redhat | 2 Tomcat, Network Satellite | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors. | ||||
| CVE-2008-3771 | 1 Pars4u | 1 Videosharing | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter. | ||||
| CVE-2008-6097 | 1 Wikyblog | 1 Wikyblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before 1.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to index.php/Special/Main/keywordSearch, (2) revNum parameter to index.php/Edit/Main/Home, (3) to parameter to index.php/Special/Main/WhatLinksHere, (4) user parameter to index.php/Special/Main/UserEdits, and (5) the PATH_INFO to index.php. | ||||
| CVE-2008-6105 | 1 Ibm | 2 Workplace For Business Controls And Reporting, Workplace Web Content Management | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Workplace for Business Controls and Reporting 2.x and IBM Workplace Web Content Management 6.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-1468 | 1 Ibm | 1 Rational Clearquest | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest (CQ) Web 7.0.0.0 allows remote attackers to inject arbitrary web script or HTML via an attachment to a defect log entry. | ||||
| CVE-2007-1482 | 1 Liqua | 1 Wbblog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in WBBlog allows remote attackers to inject arbitrary web script or HTML via the e_id parameter in a viewentry cmd. | ||||
| CVE-2008-6108 | 1 Gwm | 1 Galatolo Webmanager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter. | ||||
| CVE-2008-3821 | 1 Cisco | 1 Ios | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. | ||||
| CVE-2008-3823 | 1 Horde | 1 Horde | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MIME/MIME/Contents.php in the MIME library in Horde 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of a MIME attachment in an e-mail message. | ||||
| CVE-2008-1850 | 1 Osiaffiliate | 1 Osiaffiliate | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affiliate allow remote attackers to inject arbitrary web script or HTML via the (1) login, (2) profile, (3) profile2, and (4) ref parameters. | ||||
| CVE-2008-6431 | 1 Bmforum | 1 Bmforum | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) outpused parameter to index.php, the (2) footer_copyright and (3) verandproname parameters to newtem/footer/bsd01footer.php, and the (4) topads and (5) myplugin parameters to newtem/header/bsd01header.php. | ||||
| CVE-2008-6433 | 1 Blueriver | 1 Sava Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action. | ||||
| CVE-2008-3824 | 2 Horde, Popoon | 2 Horde, Popoon | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in (1) Text_Filter/Filter/xss.php in Horde 3.1.x before 3.1.9 and 3.2.x before 3.2.2 and (2) externalinput.php in Popoon r22196 and earlier allows remote attackers to inject arbitrary web script or HTML by using / (slash) characters as replacements for spaces in an HTML e-mail message. | ||||
| CVE-2008-2911 | 1 Contenido | 1 Contendio | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters. | ||||
| CVE-2008-6476 | 1 Dotnetblogengine | 1 Blogengine.net | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2008-3880 | 1 Zoneminder | 1 Zoneminder | 2026-04-23 | N/A |
| SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter. | ||||
| CVE-2008-6495 | 1 Zirkon Box | 1 Yappa-ng | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Fritz Berger yet another php photo album - next generation (yappa-ng) 2.3.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter. | ||||
| CVE-2008-3881 | 1 Zoneminder | 1 Zoneminder | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified "zm_html_view_*.php" files. | ||||
| CVE-2008-1793 | 1 Hoffice | 3 Smart Classified Ads, Smart Photo Ads, Smart Photo Ads Gold | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in view.cgi in Smart Classified ADS Professional, Smart Photo ADS, and Smart Photo ADS Gold allow remote attackers to inject arbitrary web script or HTML via the (1) AdNum and (2) Department parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3884 | 1 Blogn | 1 Blogn | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Blogn (BURO GUN) 1.9.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2006-6176. | ||||