Search Results (46006 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2344 1 Typo3 1 Air Filemanager 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2369 1 Redhat 2 Network Satellite, Satellite 2026-04-23 9.1 Critical
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements.
CVE-2008-2397 1 Dotcms 1 Dotcms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-2490 1 Typo3 1 Kj Imagelightbox2 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the KJ Image Lightbox 2 (aka kj_imagelightbox2) extension 1.4.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified "user input."
CVE-2008-2494 1 Pancake 1 Zina 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Zina 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via the l parameter.
CVE-2008-2500 1 Mambo 1 Mostlyce 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the MOStlyContent Editor (MOStlyCE) component before 3.0 for Mambo allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2525 1 Typo3 1 Rlmp Eventdb 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Event Database (aka rlmp_eventdb) extension before 1.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2526 1 Typo3 1 Wt Gallery 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the WT Gallery (aka wt_gallery) extension 2.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-2527 1 Actualscripts 4 Actualanalyzer Gold, Actualanalyzer Lite, Actualanalyzer Pro and 1 more 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter.
CVE-2008-2694 1 Phpinv 1 Phpinv 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.php in phpInv 0.8.0 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
CVE-2008-2680 1 Realm Project 1 Realm Cms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp in Realm CMS 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) CmpctedDB and (2) Boyut parameters.
CVE-2008-4876 1 Philips Electronics 1 Voip841 Dect Phone 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the web server component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote attackers to inject arbitrary web script or HTML via the request URL, which is not properly handled in a 404 web error page.
CVE-2008-2743 1 Xerox 3 Xerox 4110, Xerox 4590, Xerox 4595 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the embedded web server in Xerox 4110, 4590, and 4595 Copier/Printers allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2008-2842 1 Doitlive 1 Cms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter.
CVE-2008-2756 1 Xigla 1 Absolute Control Panel Xe 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter and other unspecified parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-2759 1 Xigla 1 Absolute Form Processor Xe 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Form Processor XE 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) showfields, (2) text, and (3) submissions parameters to search.asp and the (4) name parameter to users.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-2788 1 Opendocman 1 Opendocman 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter.
CVE-2008-2855 1 Ownrs 1 Ownrs 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2009-2823 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software.
CVE-2008-3082 1 Commtouch 1 Enterprise Anti-spam Gateway 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter.