Export limit exceeded: 45851 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45851 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3283 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2006-3306 | 1 Zoid Technologies | 1 Project Eros Bbsengine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the preparestring function in lib/common.php in Project EROS bbsengine before 20060501-0142-jam, and possibly earlier versions dating back to 2006-02-23, might allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2002-2318 | 1 Blueface | 1 Falcon Web Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages. | ||||
| CVE-2002-2339 | 1 Script Shed | 1 Ssgbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) image=right, (4) img=right, (5) image=left, and (6) img=left tags. | ||||
| CVE-2002-2321 | 1 Phplinkat | 1 Phplinkat | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter. | ||||
| CVE-2002-2260 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page. | ||||
| CVE-2002-2362 | 1 Sourceforge | 1 Mymarket | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter. | ||||
| CVE-2002-2231 | 1 Ikonboard | 1 Ikonboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) a javascript: URL in a photo URL or (2) an X-Forwarded-For: header. | ||||
| CVE-2002-2255 | 1 Phpbb | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in phpBB 2.0.3 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the search_username parameter in searchuser mode. | ||||
| CVE-2003-0801 | 1 Nokia | 1 Electronic Documentation | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script. | ||||
| CVE-2003-1348 | 1 Ftls | 1 Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field. | ||||
| CVE-2004-1863 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter in (2) member.php, (3) misc.php, and (4) today.php, and (5) an arbitrary parameter in phpinfo.php. | ||||
| CVE-2004-2688 | 1 Newsphp | 1 Newsphp | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in NewsPHP allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter. NOTE: this issue might overlap vector 3 in CVE-2006-3358. | ||||
| CVE-2006-1898 | 1 Ralph Capper | 1 Tinyphpforum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow remote attackers to inject arbitrary web script or HTML via (1) the uname parameter in a view action in profile.php and (2) a login name. NOTE: the "Access to hash password" issue is already covered by CVE-2006-0103. | ||||
| CVE-2006-0779 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag. | ||||
| CVE-2004-1417 | 1 Psychostats | 1 Psychostats | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in PsychoStats 2.2.4 Beta and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter. | ||||
| CVE-2004-2725 | 1 Aztek Forum | 1 Aztek Forum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in (c) forum_2.php. | ||||
| CVE-2004-2704 | 2 Hastymail, Microsoft | 2 Hastymail, Internet Explorer | 2026-04-16 | N/A |
| Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-site scripting (XSS) and possibly other attacks. | ||||
| CVE-2006-0175 | 1 Webwiz | 1 Web Wiz Forums | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search_form.asp in Web Wiz Forums 6.34 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2003-1534 | 1 Justice Media | 1 Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables. | ||||