Export limit exceeded: 47037 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47037 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-3579 1 Mortbay 1 Jetty 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the CookieDump.java sample application in Mort Bay Jetty 6.1.19 and 6.1.20 allows remote attackers to inject arbitrary web script or HTML via the Value parameter in a GET request to cookie/.
CVE-2009-3566 1 Mcafee 1 Intrushield Network Security Manager 2026-04-23 N/A
McAfee IntruShield Network Security Manager (NSM) before 5.1.11.8.1 does not include the HTTPOnly flag in the Set-Cookie header for the session identifier, which allows remote attackers to hijack a session by leveraging a cross-site scripting (XSS) vulnerability.
CVE-2009-3565 1 Mcafee 1 Intrushield Network Security Manager 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee IntruShield Network Security Manager (NSM) before 5.1.11.6 allow remote attackers to inject arbitrary web script or HTML via the (1) iaction or (2) node parameter.
CVE-2009-3562 1 Xerver 1 Xerver 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to inject arbitrary web script or HTML via the currentPath parameter in a chooseDirectory action.
CVE-2009-3530 1 Radscripts 1 Radbids 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in storefront.php in RadScripts RadBids Gold 4 allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
CVE-2009-3521 1 Ibm 1 Tivoli Composite Application Manager For Wesbsphere 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Visualization Engine (VE) in IBM Tivoli Composite Application Manager for WebSphere (ITCAM) 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-4828 1 Mediawiki 1 Mediawiki 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through 1.8.4, 1.9.0 through 1.9.3, 1.10.0 through 1.10.1, and the 1.11 development versions before 1.11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-4819 1 Txx Cms 1 Txx Cms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-3496 1 Vastal 1 Dvd Zone 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in view_mag.php in Vastal I-Tech DVD Zone allows remote attackers to inject arbitrary web script or HTML via the mag_id parameter.
CVE-2009-3493 1 Zenas 1 Paobacheca Guestbook 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Zenas PaoBacheca Guestbook 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) scrivi.php and (2) index.php.
CVE-2007-4813 1 Domino Blogsphere 1 Domino Blogsphere 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Domino Blogsphere 3.01 Beta 7 allows remote attackers to inject arbitrary web script or HTML via the name field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3479 2 Drupal, Ron Jerome 2 Drupal, Bibliography 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Bibliography (Biblio) 5.x before 5.x-1.17 and 6.x before 6.x-1.6, a module for Drupal, allows remote attackers, with "create content displayed by the Bibliography module" permissions, to inject arbitrary web script or HTML via a title.
CVE-2009-3469 1 Ibm 1 Lotus Connections 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in profiles/html/simpleSearch.do in IBM Lotus Connections 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2009-3453 1 Ibm 1 Lotus Quickr 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template.
CVE-2007-4811 1 Netjuke 1 Netjuke 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inject arbitrary web script or HTML via (1) the val parameter to alphabet.php in an alpha.albums action, or the PATH_INFO to (2) random.php or (3) admin/hidden.php.
CVE-2009-3450 1 Radactive 1 I-load 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allow remote attackers to inject arbitrary web script or HTML via parameters with names beginning with __ (underscore underscore) sequences, which are incompatible with an XSS protection mechanism provided by Microsoft ASP.NET.
CVE-2009-3440 1 Alienvault 1 Ossim 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Open Source Security Information Management (OSSIM) before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the option parameter to the default URI (aka the main menu).
CVE-2009-3427 1 Kayako 1 Supportsuite 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Kayako SupportSuite 3.50.06 allows remote attackers to inject arbitrary web script or HTML via the subject field in a ticket.
CVE-2009-3105 1 Ibm 1 Domino Web Access 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC.
CVE-2009-3057 1 Aom-software 1 Beex 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in AOM Software Beex 3 allow remote attackers to inject arbitrary web script or HTML via the navaction parameter to (1) news.php and (2) partneralle.php.