Export limit exceeded: 47120 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47120 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1417 1 Psychostats 1 Psychostats 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in login.php in PsychoStats 2.2.4 Beta and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter.
CVE-2004-2742 1 Businessobjects 1 Crystal Enterprise 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report (RPT) file.
CVE-2004-2757 1 Novell 1 Ichain 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS) allows remote attackers to inject arbitrary web script or HTML via url parameter.
CVE-2003-1467 4 Linux, Microsoft, Phorum and 1 more 4 Linux Kernel, All Windows, Phorum and 1 more 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2003-1479 1 Darkwet 1 Webcam Xp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field.
CVE-2006-3761 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode tag, as demonstrated using "javascript".
CVE-2006-2351 1 Ipswitch 1 Whatsup Professional 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via the (1) sDeviceView or (2) nDeviceID parameter to (a) NmConsole/Navigation.asp or (3) sHostname parameter to (b) NmConsole/ToolResults.asp.
CVE-2005-2406 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 8.01 allows remote attackers to conduct cross-site scripting (XSS) attacks or modify which files are uploaded by tricking a user into dragging an image that is a "javascript:" URI.
CVE-2002-1700 2 Macromedia, Microsoft 3 Coldfusion, Internet Information Services, Windows 2000 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX allows remote attackers to execute arbitrary script as other users by injecting script into the HTTP request for the name of a template, which is not filtered in the resulting 404 error message.
CVE-2002-2358 1 Opera Software 1 Opera Web Browser 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL.
CVE-2003-1353 1 Lanifex 1 Outreach Project Tool 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Outreach Project Tool (OPT) 0.946b allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the news field.
CVE-2006-4542 2 Usermin, Webmin 2 Usermin, Webmin 2026-04-16 N/A
Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs.
CVE-2002-2321 1 Phplinkat 1 Phplinkat 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter.
CVE-2002-2350 1 Phpoutsourcing 1 Zorum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.
CVE-2002-2330 1 Uninet 1 Statsplus 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to stats.html and executed in client browsers.
CVE-2003-1554 1 Scoznet 1 Scozbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables.
CVE-2003-1348 1 Ftls 1 Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field.
CVE-2006-2084 1 Farsinews 1 Farsinews 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in (a) index.php, and the (3) mod parameter in (b) admin.php.
CVE-2003-1347 1 Geeklog 1 Geeklog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field.
CVE-2006-3571 1 Papoo 1 Papoo 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) titel or (2) ausgabe parameters.