CWE-79 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45768 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2010-2457	1 Qsoft-inc	1 K-search	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote attackers to inject arbitrary web script or HTML via the term parameter.
CVE-2010-2458	1 2daybiz	1 Video Community Portal Script	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter.
CVE-2010-2464	2 Joomla, Rsjoomla	2 Joomla\!, Com Rscomments	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.
CVE-2010-2733	1 Microsoft	1 Forefront Unified Access Gateway	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the Web Monitor in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "UAG XSS Allows EOP Vulnerability."
CVE-2010-2734	1 Microsoft	1 Forefront Unified Access Gateway	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the mobile portal in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway Vulnerability."
CVE-2010-2763	1 Mozilla	3 Firefox, Seamonkey, Thunderbird	2025-04-11	N/A
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted function.
CVE-2010-2779	1 Novell	1 Groupwise	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies."
CVE-2010-2788	1 Mediawiki	1 Mediawiki	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
CVE-2010-2790	1 Zabbix	1 Zabbix	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary web script or HTML via the (1) filter_set, (2) show_details, (3) filter_rst, or (4) txt_select parameters to the triggers page (tr_status.php). NOTE: some of these details are obtained from third party information.
CVE-2010-2796	1 Joachim Fritschi	1 Phpcas	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.
CVE-2010-2802	1 Mantisbt	1 Mantisbt	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 allows remote authenticated users to inject arbitrary web script or HTML via an HTML document with a .gif filename extension, related to inline attachments.
CVE-2010-2844	1 Newanz	1 Newsoffice	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote attackers to inject arbitrary web script or HTML via the n-cat parameter.
CVE-2010-2846	2 Gonzalo Maser, Joomla	2 Com Artforms, Joomla\!	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the afmsg parameter to index.php.
CVE-2010-2852	1 Runcms	1 Runcms	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in modules/headlines/magpierss/scripts/magpie_debug.php in RunCms 2.1, when the Headlines module is enabled, allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVE-2010-2858	1 Boesch-it	1 Simpnews	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in news.php in SimpNews 2.47.03 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) layout and (2) sortorder parameters.
CVE-2010-2885	1 Adobe	2 Robohelp, Robohelp Server	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allows remote attackers to inject arbitrary web script or HTML via vectors related to WebHelp generation with RoboHelp for Word.
CVE-2010-2886	1 Adobe	2 Robohelp, Robohelp Server	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-2914	1 Nessus	2 Nessus, Web Server Plugin	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-2958	1 Phpmyadmin	1 Phpmyadmin	2025-04-11	N/A
Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to a PHP backtrace and error messages (aka debugging messages), a different vulnerability than CVE-2010-3056.
CVE-2010-2985	1 Ibm	1 Websphere Service Registry And Repository	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the searchTerm parameter to ServiceRegistry/HelpSearch.do or (2) the queryItems[0].value parameter to ServiceRegistry/QueryWizardProcessStep1.do.

« first previous Page 1244 of 2289. next last »