Export limit exceeded: 347839 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347839 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347839 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45687 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45687 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4575 | 2 Joomla, Qproje | 2 Joomla\!, Com Qpersonel | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 RC2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the personel_sira parameter in a sirala action to index.php. | ||||
| CVE-2007-6203 | 1 Apache | 1 Http Server | 2026-04-23 | N/A |
| Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918. | ||||
| CVE-2009-4570 | 1 Phpshop | 1 Phpshop | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in PhpShop 0.8.1 allows remote attackers to inject arbitrary web script or HTML via the order_id parameter in an order/order_print action to the default URI. | ||||
| CVE-2009-4567 | 1 Viscacha | 1 Viscacha | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in editprofile.php in Viscacha 0.8 Gold allow remote authenticated users to inject arbitrary web script or HTML via the (1) skype, (2) yahoo, (3) aol, (4) msn, or (5) jabber parameter in a profile2 action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6421 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the URL. | ||||
| CVE-2009-4563 | 1 Zenphoto | 1 Zenphoto | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in zp-core/admin-options.php in Zenphoto 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via the 0-adminpass and 0-adminpass_2 parameters in a saveoptions action. | ||||
| CVE-2009-4562 | 1 Zenphoto | 1 Zenphoto | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the from parameter. | ||||
| CVE-2009-4559 | 2 Drupal, Nanwich | 2 Drupal, Submitted By | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Submitted By module 6.x before 6.x-1.3 for Drupal allows remote authenticated users, with "administer content types" privileges, to inject arbitrary web script or HTML via an input string for "submitted by" text. | ||||
| CVE-2009-4552 | 1 Intesync | 1 Miniweb | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. | ||||
| CVE-2009-4548 | 1 Viart | 1 Viart Helpdesk | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ViArt Helpdesk 3.x allow remote attackers to inject arbitrary web script or HTML via the category_id parameter to (1) products.php, (2) article.php, (3) product_details.php, or (4) reviews.php; the (5) forum_id parameter to forum.php; or the (6) search_category_id parameter to products_search.php. | ||||
| CVE-2009-4547 | 1 Viart | 1 Viart Cms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x allow remote attackers to inject arbitrary web script or HTML via the (1) category_id parameter to forums.php, or the forum_id parameter to (2) forum.php or (3) forum_topic_new.php. | ||||
| CVE-2009-4544 | 1 Cromosoft | 1 Facil Helpdesk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2009-4542 | 1 Isolsoft | 1 Support Center | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-2009-4525 | 2 Drupal, Joao Ventura | 2 Drupal, Print | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via crafted data in a list of links. | ||||
| CVE-2008-5682 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates. | ||||
| CVE-2009-4523 | 1 Zainu | 1 Zainu | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchSongKeyword parameter in a SearchSong action. | ||||
| CVE-2009-4521 | 1 Eclipse | 1 Birt | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter. | ||||
| CVE-2009-4518 | 2 Drupal, Mark Burton | 2 Drupal, Insertnode | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x before 5.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via an inserted node. | ||||
| CVE-2008-0622 | 1 Raidenhttpd | 1 Raidenhttpd | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in RaidenHTTPD 2.0.19 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the ulang parameter. | ||||
| CVE-2009-4516 | 2 Drupal, Nanwich | 2 Drupal, Faq Ask | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||