Export limit exceeded: 347821 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45687 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-7121 | 1 Mrcgiguy | 1 Hot Links Sql-php | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search bar. | ||||
| CVE-2008-7132 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1.3 beta allows remote attackers to inject arbitrary web script or HTML via the nuked_nude parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-7141 | 1 Alexphpteam | 1 \@lex Poll | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in setup.php in @lex Poll 2.1 allows remote attackers to inject arbitrary web script or HTML via the language_setup parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-7147 | 1 Intralearn | 1 Intralearn | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IntraLearn Software IntraLearn 2.1, and possibly other versions before 4.2.3, allow remote attackers to inject arbitrary web script or HTML via the (1) outline and (2) course parameters to library/description_link.cfm, or the (3) records_to_display and (4) the_start parameters to library/courses_catalog.cfm. | ||||
| CVE-2008-7150 | 2 Ber Kessels, Drupal | 2 Refine By Taxo, Drupal | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Refine by Taxonomy 5.x before 5.x-0.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a taxonomy term, which is not properly handled by refine_by_taxo when displaying tags. | ||||
| CVE-2009-0107 | 1 Phpauctions | 1 Phpauctions | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. | ||||
| CVE-2009-0204 | 1 Hp | 1 Select Access | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-0237 | 1 Microsoft | 2 Forefront Threat Management Gateway, Internet Security And Acceleration Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2006, 2006 Supportability Update, and 2006 SP1; allows remote attackers to inject arbitrary web script or HTML via "authentication input" to this component, aka "Cross-Site Scripting Vulnerability." | ||||
| CVE-2009-0239 | 1 Microsoft | 3 Windows Search, Windows Server 2003, Windows Xp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result, aka "Script Execution in Windows Search Vulnerability." | ||||
| CVE-2009-0245 | 1 Usagi | 1 Mynets | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Usagi Project MyNETS 1.2.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-4629. | ||||
| CVE-2009-0247 | 1 53kf | 1 Web Im 2009 | 2026-04-23 | N/A |
| The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable. | ||||
| CVE-2009-0248 | 1 Katywhitton | 1 Rankem | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter. | ||||
| CVE-2009-0260 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with (1) the rename parameter or (2) the drawing parameter (aka the basename variable). | ||||
| CVE-2009-0283 | 1 Aobosoft | 1 Oblog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2009-0285 | 1 Bbsxp | 1 Bbsxp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in error.asp in BBSXP 5.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2009-0303 | 1 Webhelpdesk | 1 Web Help Desk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa. | ||||
| CVE-2009-0312 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content. | ||||
| CVE-2009-0335 | 1 Katywhitton | 1 Blogit\! | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter. | ||||
| CVE-2009-0338 | 1 Dmxready | 1 Blog Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action. | ||||
| CVE-2009-0660 | 1 Mahara | 1 Mahara | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.10 and 1.1 before 1.1.2 allow remote attackers to inject arbitrary web script or HTML via a (1) profile and (2) blog, a different vulnerability than CVE-2009-0487. | ||||