Search Results (46006 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4760 1 Hitachi 4 Ucosminexus Application Server Enterprise, Ucosminexus Application Server Standard, Ucosminexus Developer Standard and 1 more 2026-04-23 N/A
The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503.
CVE-2008-4542 1 Cisco 1 Unity 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store).
CVE-2008-4530 1 Drupal 1 Brilliant Gallery 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for Drupal, allows remote authenticated users with permissions to inject arbitrary web script or HTML via unspecified vectors related to posting of answers.
CVE-2008-4532 1 Maxiscript 1 Website Directory 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in MaxiScript Website Directory allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a search action.
CVE-2009-0971 1 Futomi 1 Access Analyzer Cgi 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access Analyzer CGI Standard Version 3.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-4485 1 Bluecoat 1 Security Gateway Os 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the ICAP patience page in Blue Coat Security Gateway OS (SGOS) 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2008-4450 1 Apache Friends 1 Xampp 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for Windows 1.6.8 allows remote attackers to inject arbitrary web script or HTML via the (1) dbserver, (2) host, (3) user, (4) password, (5) database, and (6) table parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-4426 1 Phlatline 1 Personal Information Manager 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in events.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the date parameter in a new action.
CVE-2008-4326 2 Microsoft, Phpmyadmin 2 Internet Explorer, Phpmyadmin 2026-04-23 N/A
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.
CVE-2008-3941 1 Bizdirectory 1 Bizdirectory 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in BizDirectory 2.04 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter in a search action to the default URI.
CVE-2009-1091 1 Rapidleech 1 Rapidleech 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to inject arbitrary web script or HTML via the uploaded parameter.
CVE-2008-3917 1 Ovidentia 1 Ovidentia 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in Ovidentia 6.6.5 allows remote attackers to inject arbitrary web script or HTML via the field parameter in a search action.
CVE-2008-3881 1 Zoneminder 1 Zoneminder 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified "zm_html_view_*.php" files.
CVE-2008-3874 1 Lussumo 1 Vanilla 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Value field (aka Label ==> Value pairs). NOTE: some of these details are obtained from third party information.
CVE-2008-3841 1 Openfreeway 1 Freeway 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway eCommerce 1.4.1.171 allows remote attackers to inject arbitrary web script or HTML via the search_link parameter.
CVE-2008-3846 1 Aquagardensoft 1 Mysql-lists 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1162 1 Cisco 2 Ironport Asyncos, Ironport Email Security Appliances 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Spam Quarantine login page in Cisco IronPort AsyncOS before 6.5.2 on Series C, M, and X appliances allows remote attackers to inject arbitrary web script or HTML via the referrer parameter.
CVE-2008-3771 1 Pars4u 1 Videosharing 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter.
CVE-2008-3726 1 Microworld Technologies 1 Mailscan 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Web Based Administration in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to inject arbitrary web script or HTML via the URI.
CVE-2008-3121 1 Xerox 1 Centreware Web 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.