Export limit exceeded: 347829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45687 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45687 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2615 | 1 Datachecknh | 1 Sitepal | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DataCheck Solutions SitePal 1.x allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) z_admin_login.asp, (2) z_forgot.asp, and possibly unspecified other components. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2636 | 1 Kerio | 1 Kerio Mailserver | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Integration page in the WebMail component in Kerio MailServer 6.6.0, 6.6.1, 6.6.2, and 6.7.0 allows remote attackers to inject arbitrary web script or HTML via an e-mail message. | ||||
| CVE-2009-2738 | 1 Freenas | 1 Freenas | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authentication of users for unspecified requests via unknown vectors. | ||||
| CVE-2009-2742 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Eclipse Help in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 allows remote attackers to inject arbitrary web script or HTML via unspecified input. | ||||
| CVE-2009-2772 | 1 Realtysoft | 1 Pg Roomate Finder Solution | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PG Roommate Finder Solution allow remote attackers to inject arbitrary web script or HTML via the part parameter to (1) quick_search.php and (2) viewprofile.php. | ||||
| CVE-2009-2778 | 1 Garagesalesjunkie | 1 Garagesales Script | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in visitor/view.php in GarageSales Script allows remote attackers to inject arbitrary web script or HTML via the key parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3066 | 1 Propertywatchscript | 1 Property Watch | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PropertyWatchScript.com Property Watch 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) videoid parameter to tools/email.php and (2) redirect parameter to tools/login.php. | ||||
| CVE-2009-3067 | 1 Webformatique | 1 Reservation Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Reservation Manager allows remote attackers to inject arbitrary web script or HTML via the resman_startdate parameter. | ||||
| CVE-2009-3147 | 1 Allenthusiast | 1 Reviewpost Php Pro | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in showproduct.php in ReviewPost Pro vB3 allows remote attackers to inject arbitrary web script or HTML via the date parameter. | ||||
| CVE-2009-3152 | 1 Nt | 1 Bbs E-market | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in becommunity/community/index.php in NTSOFT BBS E-Market Professional allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) bt_code, and (3) b_no parameters in a board view action. | ||||
| CVE-2008-1947 | 2 Apache, Redhat | 5 Tomcat, Enterprise Linux, Network Satellite and 2 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add. | ||||
| CVE-2008-1953 | 1 Magnolia | 1 Site Designer | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Sitedesigner before 1.1.5 search template in Magnolia Enterprise Edition allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-3196 | 1 Jce-tech | 1 Php Video Script | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in JCE-Tech PHP Video Script allows remote attackers to inject arbitrary web script or HTML via the key parameter. | ||||
| CVE-2009-3197 | 1 Jce-tech | 1 Php Calendars Script | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech PHP Calendars Script allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2009-3198 | 1 Jce-tech | 1 Affiliate Master Datafeed Parser | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2009-3204 | 1 Stivaforum | 1 Stiva Forum | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Stiva Forum 1.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) demo.php and (2) forum.php, and the PATH_INFO to (3) include_forum.php. | ||||
| CVE-2009-3210 | 2 Drupal, Joao Ventura | 2 Drupal, Print | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.8 and 6.x before 6.x-1.8, a module for Drupal, allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-1955 | 1 Toocharger | 1 Myboard | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in rep.php in Martin BOUCHER MyBoard 1.0.12 allows remote attackers to inject arbitrary web script or HTML via the id parameter. information. | ||||
| CVE-2009-3247 | 1 Vtiger | 1 Vtiger Crm | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Activities module in vtiger CRM 5.0.4 allows remote attackers to inject arbitrary web script or HTML via the action parameter to phprint.php. NOTE: the query_string vector is already covered by CVE-2008-3101.3. | ||||
| CVE-2009-3299 | 1 Mahara | 1 Mahara | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the resume blocktype in Mahara before 1.0.13, and 1.1.x before 1.1.7, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||