Search Results (46006 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4601 1 Zeeways 1 Zeejobsite 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via the title parameter.
CVE-2008-2965 1 Jaxbot 1 Jaxultrabb 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter.
CVE-2009-1201 1 Cisco 1 Adaptive Security Appliance 2026-04-23 N/A
Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694.
CVE-2007-0136 1 Drupal 1 Drupal 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Drupal before 4.6.11, and 4.7 before 4.7.5, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in the (1) filter and (2) system modules. NOTE: some of these details are obtained from third party information.
CVE-2008-2493 1 Badongo 1 Campus Bulletin Board 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus Bulletin Board 3.4 allows remote attackers to inject arbitrary web script or HTML via the review parameter.
CVE-2009-0248 1 Katywhitton 1 Rankem 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter.
CVE-2007-1905 1 Pineapple Technologies 1 Quizshock 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via encoded special characters in the forward_to parameter, as demonstrated using "<"<".
CVE-2006-6035 1 F-art Agency 1 Blog Cms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the FADDR parameter.
CVE-2008-6565 1 Invision Power Services 1 Invision Power Board 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature.
CVE-2007-1938 1 Ichitaro 1 Ichitaro 2026-04-23 N/A
Ichitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknown impact via unspecified vectors in a document distributed through e-mail or a web site, possibly due to a buffer overflow or cross-site scripting (XSS).
CVE-2007-2811 1 Osk 1 Advance-flow 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-5569 1 Phpeppershop 1 Phpeppershop 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHPepperShop 1.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php or (2) shop/kontakt.php, or (3) shop_kunden_mgmt.php or (4) SHOP_KONFIGURATION.php in shop/Admin/.
CVE-2008-5584 1 Projectpier 1 Projectpier 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ProjectPier 0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a message, (2) a milestone, or (3) a display name in a profile, or the (4) a or (5) c parameter to index.php.
CVE-2007-6307 1 Jfree 1 Jfreechart 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php in wwwstats 3.21 allow remote attackers to inject arbitrary web script or HTML via (1) the link parameter or (2) the User-Agent HTTP header.
CVE-2007-5179 1 Y\&k Iletisim Formu 1 Y\&k Iletisim Formu 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in iletisim.asp in Y&K Iletisim Formu allow remote attackers to inject arbitrary web script or HTML via the (1) ad, (2) sehir, (3) yas, (4) cins, (5) tel, (6) mail, and (7) mesaj parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-5295 1 Wikepage 1 Opus 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in (a) Wikepage Opus 13 2007.2 and (b) TipiWiki 2 allow remote attackers to inject arbitrary web script or HTML via the (1) PageContent and (2) PageName parameters.
CVE-2007-5297 1 Minki 1 Minki 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Minki 1.30 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2007-5303 1 Snewscms 1 Snewscms Rus 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS Rus 2.1 allows remote attackers to inject arbitrary web script or HTML via the page_id parameter.
CVE-2007-5426 1 Interspire 1 Activekb Nx 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ActiveKB NX 2.5.4 allow remote attackers to inject arbitrary web script or HTML via the page parameter to the default URI for some directories, as demonstrated by (1) ActiveKB/ and (2) default/categories/ActiveKB/.
CVE-2007-6156 1 Secureideas 1 Basic Analysis And Security Engine 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters.