Export limit exceeded: 347793 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45684 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-1597 | 1 Ez | 1 Ezjscore | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish before 1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4714 | 1 Alexandre Amaral | 1 Xoops Celepar | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to cadastro_usuario.php. | ||||
| CVE-2010-2854 | 1 Jared Meeker | 1 Event Horizon | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in modfile.php in Event Horizon (EVH) 1.1.10, when magic_quotes_gpc is disabled, allow remote attackers to inject arbitrary web script or HTML via the (1) YourEmail and (2) VerificationNumber parameters, which are not properly handled in a forced SQL error message. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4717 | 1 Gonafish | 1 Webstatcaffe | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4) nopagesmost parameter to stat/mostvisitpagechart.php, and date parameter to (5) pageviewers.php, (6) pageviewerschart.php, and (7) referer.php in stat/. | ||||
| CVE-2010-2698 | 1 Sijio | 1 Community Software | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community Software allow remote authenticated users to inject arbitrary web script or HTML via the title parameter when (1) editing a new blog, (2) adding an album, or (3) editing an album. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2010-2970 | 1 Moinmo | 1 Moinmoin | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) action/language_setup.py, a similar issue to CVE-2010-2487. | ||||
| CVE-2010-4219 | 1 Ibm | 1 Websphere Portal | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in SemanticTagService.js in IBM WebSphere Portal 6.1.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2969 | 1 Moinmo | 1 Moinmoin | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/LikePages.py, (2) action/chart.py, and (3) action/userprofile.py, a similar issue to CVE-2010-2487. | ||||
| CVE-2010-2957 | 1 S9y | 1 Serendipity | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-2154 | 1 Cmscout | 1 Cmscout | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2011-1670 | 1 A.kulikov | 1 Interra Blog Machine | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit. | ||||
| CVE-2009-4736 | 1 Sensesites | 1 Commonsense Cms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2010-2344 | 1 Odcms | 1 Odcms | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in odCMS 1.06, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Page parameter to (1) _main/index.php, (2) _members/index.php, (3) _forum/index.php, (4) _docs/index.php, and (5) _announcements/index.php. | ||||
| CVE-2011-0005 | 1 Joomla | 2 Com Search, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php. | ||||
| CVE-2011-0013 | 2 Apache, Redhat | 3 Tomcat, Enterprise Linux, Jboss Enterprise Web Server | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the HTML Manager Interface in Apache Tomcat 5.5 before 5.5.32, 6.0 before 6.0.30, and 7.0 before 7.0.6 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the display-name tag. | ||||
| CVE-2010-0370 | 3 Drupal, Roger Lopez, Thomas Turnbull | 3 Drupal, Nodeblock, Nodeblock | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Node Blocks module 5.x-1.1 and earlier, and 6.x-1.3 and earlier, a module for Drupal, allows remote authenticated users, with permissions to create or edit content and administer blocks, to inject arbitrary web script or HTML via the edit-title parameter (aka block title). | ||||
| CVE-2010-2849 | 1 Nusoftware | 1 Nubuilder | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in productionnu2/nuedit.php in nuBuilder 10.04.20, and possibly other versions before 10.07.12, allows remote attackers to inject arbitrary web script or HTML via the f parameter. | ||||
| CVE-2010-0371 | 1 Hitmaaan | 1 Hitmaaan Gallery | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Hitmaaan Gallery 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) gall and (2) levela parameters. | ||||
| CVE-2010-0374 | 2 Codingfish, Joomla | 2 Com Marketplace, Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the catid parameter in a show_category action to index.php. | ||||
| CVE-2011-0587 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604. | ||||