Search Results (47011 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6724 1 Patrick Matthai 1 Pnopaste 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste 1.0 allows remote attackers to inject arbitrary web script or HTML via the language parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-3833 1 Tftgallery 1 Tftgallery 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter.
CVE-2008-1848 2 Joomla, Joomlacode 2 Joomla, Joomlaexplorer 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php.
CVE-2008-6699 1 Typo3 2 Tjs Reslib, Typo3 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Resource Library (tjs_reslib) 0.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-1850 1 Osiaffiliate 1 Osiaffiliate 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in login.php in Omnistar Interactive OSI Affiliate allow remote attackers to inject arbitrary web script or HTML via the (1) login, (2) profile, (3) profile2, and (4) ref parameters.
CVE-2009-0257 1 Typo3 1 Typo3 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files to the (a) Indexed Search Engine (indexed_search) system extension; (b) unspecified test scripts in the ADOdb system extension; and (c) unspecified vectors in the Workspace module.
CVE-2008-6113 1 Semanticscuttle 1 Semanticscuttle 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in SemanticScuttle before 0.90 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to the (1) username and (2) profile page.
CVE-2008-1873 2 Microsoft, Tru-zone 2 Internet Explorer, Nukeet 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the private message feature in Nuke ET 3.2 and 3.4, when using Internet Explorer, allows remote authenticated users to inject arbitrary web script or HTML via a CSS property in the STYLE attribute of a DIV element in the mensaje parameter. NOTE: some of these details are obtained from third party information.
CVE-2009-0273 1 Novell 1 Groupwise 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments.
CVE-2008-6108 1 Gwm 1 Galatolo Webmanager 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter.
CVE-2008-6105 1 Ibm 2 Workplace For Business Controls And Reporting, Workplace Web Content Management 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in IBM Workplace for Business Controls and Reporting 2.x and IBM Workplace Web Content Management 6.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
CVE-2008-6097 1 Wikyblog 1 Wikyblog 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in WikyBlog before 1.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) key parameter to index.php/Special/Main/keywordSearch, (2) revNum parameter to index.php/Edit/Main/Home, (3) to parameter to index.php/Special/Main/WhatLinksHere, (4) user parameter to index.php/Special/Main/UserEdits, and (5) the PATH_INFO to index.php.
CVE-2008-6095 1 Opennms 1 Opennms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in surveillanceView.htm in OpenNMS 1.5.94 allows remote attackers to inject arbitrary web script or HTML via the viewName parameter.
CVE-2008-6087 1 Camera Life 1 Camera Life 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2008-6062 1 Adobe 1 Dreamweaver 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by Adobe Dreamweaver, when the Insert Flash Video feature is used, allows remote attackers to inject arbitrary web script or HTML via an asfunction: URI in the skinName parameter. NOTE: this may overlap CVE-2007-6242, CVE-2007-6244, or CVE-2007-6637.
CVE-2008-6060 1 Infosoftglobal 1 Fusion Charts 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by InfoSoft FusionCharts allows remote attackers to inject arbitrary additional SWF content via a URL in the SRC attribute of an IMG element in the dataURL parameter.
CVE-2008-6047 1 Adbnewssender 1 Adbnewssender 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing.
CVE-2008-6044 1 Xt-commerce 1 Xt-commerce 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in advanced_search_result.php in xt:Commerce 3.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2008-6041 1 Dataspade 1 Dataspade 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ViewName, (2) TableName, (3) OrderBy, and (4) FilterField parameters.
CVE-2008-6034 1 Achievo 1 Achievo 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.