Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362454 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 47011 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47011 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1367 1 Mozilo 1 Mozilocms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote attackers to inject arbitrary web script or HTML via the query parameter in search action, a different issue than CVE-2008-6127.2a.
CVE-2008-1283 1 Silver-forge 1 Neptune Web Server 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 allows remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in the 404 error page.
CVE-2008-1300 1 Alkacon 1 Opencms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Logfile Viewer Settings function in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the filePath.0 parameter in a save action, a different vector than CVE-2008-1045.
CVE-2008-1306 1 Besavvy 1 Savvy Content Manager 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Savvy Content Manager (CM) allow remote attackers to inject arbitrary web script or HTML via the searchterms parameter to (1) searchresults.cfm, (2) search_results.cfm, and (3) search_results/index.cfm. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1326 1 Gallarific 1 Gallarific 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.php in Gallarific allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1342 1 Polymita Technologies 2 Bpm Suite, Collageportal 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the (1) _q and (2) lucene_index_field_value parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1348 1 Ewebsite 1 Eweather 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in the eWebsite eWeather (Weather) module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the chart parameter to modules.php.
CVE-2008-1355 1 Jeeblestechnology 1 Jeebles Directory 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Jeebles Technology Jeebles Directory 2.9.60 allows remote attackers to inject arbitrary web script or HTML via the path parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1360 1 Nagios 1 Nagios 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CVE-2007-5624.
CVE-2008-1385 1 S9y 1 Serendipity 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.
CVE-2008-1386 1 S9y 1 Serendipity 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the installer in Serendipity (S9Y) 1.3 allow remote attackers to inject arbitrary web script or HTML via (1) unspecified path fields or (2) the database host field. NOTE: the timing window for exploitation of this issue might be limited.
CVE-2008-3500 1 Drupal 1 Suggested Terms Module 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Suggested Terms module 5.x before 5.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via crafted Taxonomy terms.
CVE-2008-3501 1 Novell 1 Groupwise 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1413 1 Snews 1 Snews Cms Rus 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.php in SNewsCMS Rus 2.1 through 2.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2008-1428 1 Drupal 1 Ubercart Module 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart 5.x before 5.x-1.0-beta7 module for Drupal allow remote attackers to inject arbitrary web script or HTML via a text attribute value for a product.
CVE-2008-1470 1 Rsa 1 Webid 2026-04-23 N/A
Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote attackers to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for CVE-2005-1118.
CVE-2008-1432 1 Manageengine 1 Supportcenter Plus 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3505 1 Polypager 1 Polypager 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI.
CVE-2008-1474 1 Roundup-tracker 1 Roundup 2026-04-23 N/A
Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and attack vectors, some of which may be related to cross-site scripting (XSS).
CVE-2008-1477 1 Jcorporate 1 Eforum 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in busca.php in eForum 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) busca and (2) link parameters.