Export limit exceeded: 21012 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 47102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (47102 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1800 1 Divx 1 Divxdb 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in DivXDB 2002 0.94b allow remote attackers to inject arbitrary web script or HTML via the (1) choice, (2) _page_, (3) zone_admin, (4) general_search, and (5) import parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1795 1 Blackboard 1 Academic Suite 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Academic Suite 7.x and earlier, and possibly some 8.0 versions, allow remote attackers to inject arbitrary web script or HTML via (1) the searchText parameter in a Course action to webapps/blackboard/execute/viewCatalog or (2) the data__announcements___pk1_pk2__subject parameter in an ADD action to bin/common/announcement.pl.
CVE-2008-1794 1 Drupal 1 Webform Module 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Webform Drupal module 5.x before 5.x-1.10, 5.x-2.x before 5.x-2.0-beta3, and 6.x before 6.x-1.0-beta3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1787 1 Poplar Gedcom Viewer 1 Poplar Gedcom Viewer 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Poplar Gedcom Viewer 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) text and (2) ul parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1716 1 Woltlab 1 Burning Board 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in WoltLab Community Framework (WCF) 1.0.6 in WoltLab Burning Board 3.0.5 allows remote attackers to inject arbitrary web script or HTML via the (1) page and (2) form parameters, which are not properly handled when they are reflected back in an error message.
CVE-2008-1698 1 Ventrian 1 Simple Gallery 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in gallery.php in Simple Gallery 2.2 allows remote attackers to inject arbitrary web script or HTML via the album parameter to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1663 1 Hp 1 System Management Homepage 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1655 2 Adobe, Redhat 4 Air, Flash Player, Flex and 1 more 2026-04-23 N/A
Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.
CVE-2008-1649 1 Myiosoft 1 Easynews 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in EasyNews 4.0 allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_pupublish action.
CVE-2008-1098 1 Moinmoin 1 Moinmoin 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) certain input processed by formatter/text_gedit.py (aka the gui editor formatter); (2) a page name, which triggers an injection in PageEditor.py when the page is successfully deleted by a victim in a DeletePage action; or (3) the destination page name for a RenamePage action, which triggers an injection in PageEditor.py when a victim's rename attempt fails because of a duplicate name. NOTE: the AttachFile XSS issue is already covered by CVE-2008-0781, and the login XSS issue is already covered by CVE-2008-0780.
CVE-2008-1082 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation.
CVE-2008-1076 1 Interspire 1 Shopping Cart 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.php in Interspire Shopping Cart 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1075 1 Maianscriptworld 1 Maian Cart 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Maian Cart 1.1 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search command. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1073 1 Internet Security Systems 1 Internet Scanner 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the report interface in Internet Security Systems (ISS) Internet Scanner 7.0 Service Pack 2 Build 7.2.2005.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1064 1 Xoops 1 Xoops Rmsoft Gallery System 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in images.php in the Red Mexico RMSOFT Gallery System (GS) 2.0 module (aka rmgs) for XOOPS allows remote attackers to inject arbitrary web script or HTML via the q parameter.
CVE-2008-1063 1 Xoops 1 Xm-memberstats 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability index.php in the XM-Memberstats (xmmemberstats) module for XOOPS allows remote attackers to inject arbitrary web script or HTML via the sortby parameter.
CVE-2008-1048 1 Plume-cms 1 Plume Cms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in manager/xmedia.php in Plume CMS 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
CVE-2008-1045 1 Alkacon 1 Opencms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the file tree navigation function in system/workplace/views/explorer/tree_files.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the resource parameter.
CVE-2008-1041 1 Matts Whois 1 Matts Whois 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in mwhois.php in Matt Wilson Matt's Whois (MWhois) allows remote attackers to inject arbitrary web script or HTML via the domain parameter.
CVE-2008-1037 1 Packeteer 2 Packetshaper, Policycenter 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the file listing function in the web management interface in Packeteer PacketShaper and PolicyCenter 8.2.2 allows remote attackers to inject arbitrary web script or HTML via the FILELIST parameter to an arbitrary component, which triggers injection into an Error Report page.