CWE-79 CVEs and Security Vulnerabilities

Export limit exceeded: 348169 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 45716 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45716 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-5205	1 Wellyblog	1 Wellyblog	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in edit.php in wellyblog allows remote attackers to inject arbitrary web script or HTML via the articleid parameter in an add action.
CVE-2008-5211	1 Sphider	1 Sphider	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in search.php in Sphider 1.3.4, when the search suggestion feature is enabled, allows remote attackers to inject arbitrary web script or HTML via the query parameter, a different vector than CVE-2006-2506.
CVE-2008-5214	1 Clanlite	1 Clanlite	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in service/calendrier.php in ClanLite 2.2006.05.20 allows remote attackers to inject arbitrary web script or HTML via the annee parameter.
CVE-2008-5224	1 Kent-web	1 Kent-web Mart	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Kent Web Mart 1.61 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-5323	1 Easy-script	1 Wysi Wiki Wyg	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVE-2008-5249	1 Mediawiki	1 Mediawiki	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through 1.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-5271	1 Syndeocms	1 Syndeocms	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
CVE-2008-5917	2 Horde, Microsoft	2 Application Framework, Internet Explorer	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the XSS filter (framework/Text_Filter/Filter/xss.php) in Horde Application Framework 3.2.2 and 3.3, when Internet Explorer is being used, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to style attributes.
CVE-2008-5944	1 Navboard	1 Navboard	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 (2.6.0) allows remote attackers to inject arbitrary web script or HTML via the module parameter.
CVE-2008-5971	1 I-netsolution	1 Orkut Clone	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote authenticated users to inject arbitrary web script or HTML via the id parameter.
CVE-2008-5976	1 Preprojects	1 Php Jobwebsite Pro	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO allow remote attackers to inject arbitrary web script or HTML via (1) the adname parameter in a Submit action or (2) the UserName field.
CVE-2008-5979	1 Ocean12 Technologies	1 Mailing List Manager	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter.
CVE-2008-5994	1 Checkpoint	1 Connectra Ngx	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5995	1 Typo3	2 Freecap Captcha Extension, Typo3	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_freecap) extension before 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6004	1 Aj Square	1 Aj Auction	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter.
CVE-2008-6035	1 Achievo	1 Achievo	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter.
CVE-2008-6062	1 Adobe	1 Dreamweaver	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. NOTE: this may overlap CVE-2007-6242, CVE-2007-6244, or CVE-2007-6637.
CVE-2008-6687	2 David Cadu, Typo3	2 Dcdgooglemap, Typo3	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in DCD GoogleMap (dcdgooglemap) 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6688	2 Kevin Renskers, Typo3	2 Dmmjobcontrol, Typo3	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6698	2 Michael Fritz, Typo3	2 Worldcup, Typo3	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

« first previous Page 307 of 2286. next last »