Export limit exceeded: 348073 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45713 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45713 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0283 | 1 Aobosoft | 1 Oblog | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in err.asp in Oblog allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2009-0285 | 1 Bbsxp | 1 Bbsxp | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in error.asp in BBSXP 5.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2009-0303 | 1 Webhelpdesk | 1 Web Help Desk | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa. | ||||
| CVE-2009-0312 | 1 Moinmoin | 1 Moinmoin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content. | ||||
| CVE-2009-0335 | 1 Katywhitton | 1 Blogit\! | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter. | ||||
| CVE-2009-0338 | 1 Dmxready | 1 Blog Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action. | ||||
| CVE-2009-0359 | 1 Nongnu | 1 Samizdat | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Samizdat before 0.6.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) message title or (2) user full name. | ||||
| CVE-2009-0660 | 1 Mahara | 1 Mahara | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.10 and 1.1 before 1.1.2 allow remote attackers to inject arbitrary web script or HTML via a (1) profile and (2) blog, a different vulnerability than CVE-2009-0487. | ||||
| CVE-2009-0664 | 1 Mahara | 1 Mahara | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0.x before 1.0.11 and 1.1.x before 1.1.3 allow remote attackers to inject arbitrary web script or HTML via (1) the introduction field in a user profile or (2) an arbitrary text block in a user view. | ||||
| CVE-2009-0679 | 1 Ravenphpscripts | 1 Ravennuke | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Your Account module in RavenNuke 2.30 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-0737 | 1 Mediawiki | 1 Mediawiki | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php) in MediaWiki 1.6 before 1.6.12, 1.12 before 1.12.4, and 1.13 before 1.13.4, when the installer is in active use, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-0743 | 1 Cisco | 1 Unified Meetingplace | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote authenticated users to inject arbitrary web script or HTML via the E-mail Address field. | ||||
| CVE-2009-0763 | 1 Bookelves | 1 Kipper | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote attackers to inject arbitrary web script or HTML via the charm parameter. | ||||
| CVE-2009-0764 | 1 Bookelves | 1 Kipper | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to (1) index.php and (2) kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-0781 | 2 Apache, Redhat | 3 Tomcat, Enterprise Linux, Rhel Application Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." | ||||
| CVE-2009-0796 | 1 Apache | 2 Http Server, Mod Perl | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI. | ||||
| CVE-2009-0805 | 2 Mihai Bazon, Xoops | 2 Pical, Xoops | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php. | ||||
| CVE-2009-0816 | 1 Typo3 | 1 Typo3 | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields. | ||||
| CVE-2009-0814 | 1 Blogsa | 1 Blogsa | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Widgets.aspx in Blogsa 1.0 Beta 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. | ||||
| CVE-2009-0818 | 1 Drupal | 2 Drupal, Taxonomy Theme Module | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the taxonomy_theme_admin_table_builder function (taxonomy_theme_admin.inc) in Taxonomy Theme module before 5.x-1.2, a module for Drupal, allows remote authenticated users with the "administer taxonomy" permission, or the ability to create pages when tagging is enabled, to inject arbitrary web script or HTML via the Vocabulary name (name parameter) to index.php. NOTE: some of these details are obtained from third party information. | ||||