Export limit exceeded: 45703 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45703 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0247 | 1 53kf | 1 Web Im 2009 | 2026-04-23 | N/A |
| The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable. | ||||
| CVE-2009-0248 | 1 Katywhitton | 1 Rankem | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter. | ||||
| CVE-2009-0260 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with (1) the rename parameter or (2) the drawing parameter (aka the basename variable). | ||||
| CVE-2009-0283 | 1 Aobosoft | 1 Oblog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2009-0285 | 1 Bbsxp | 1 Bbsxp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in error.asp in BBSXP 5.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2009-0303 | 1 Webhelpdesk | 1 Web Help Desk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa. | ||||
| CVE-2009-0312 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content. | ||||
| CVE-2009-0335 | 1 Katywhitton | 1 Blogit\! | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter. | ||||
| CVE-2009-0338 | 1 Dmxready | 1 Blog Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action. | ||||
| CVE-2009-0359 | 1 Nongnu | 1 Samizdat | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Samizdat before 0.6.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) message title or (2) user full name. | ||||
| CVE-2009-0378 | 1 Joomla | 2 Com Beamospetition, Joomla | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action. | ||||
| CVE-2009-0393 | 1 Motorola | 1 Cpei300 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2009-0404 | 1 Bioinformatics | 1 Htmlawed | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets (CSS) expressions in the style attribute, which is processed by Internet Explorer 7. | ||||
| CVE-2009-0413 | 1 Roundcube | 1 Webmail | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message. | ||||
| CVE-2009-0417 | 1 Agavi | 1 Agavi | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the AgaviWebRouting::gen(null) method in Agavi 0.11 before 0.11.6 and 1.0 before 1.0.0 beta 8 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with certain characters that are not properly handled by web browsers that do not strictly follow RFC 3986, such as Internet Explorer 6 and 7. | ||||
| CVE-2009-1035 | 2 Drupal, Jake Gordon | 2 Drupal, Tasks | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote authenticated users to inject arbitrary web script or HTML via Cascading Style Sheets (CSS). | ||||
| CVE-2009-1047 | 1 Drupal | 2 Drupal, Print | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Send by e-mail module in the "Printer, e-mail and PDF versions" module 5.x before 5.x-4.4 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via vectors involving outbound HTML e-mail. | ||||
| CVE-2009-1067 | 1 Getpixie | 1 Pixie Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Pixie CMS 1.01a allows remote attackers to inject arbitrary web script or HTML via the x parameter. | ||||
| CVE-2009-1069 | 1 Drupal | 2 Content Construction Kit, Drupal | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the node edit form feature in Drupal Content Construction Kit (CCK) 6.x before 6.x-2.2, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the (1) titles of candidate referenced nodes in the Node reference sub-module and the (2) names of candidate referenced users in the User reference sub-module. | ||||
| CVE-2009-1079 | 1 Sun | 1 Java System Identity Manager | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19659, 19660, and 19683. | ||||