Export limit exceeded: 364577 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 47248 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (47248 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0389 | 1 Mailenable | 1 Mailenable | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in ForgottenPassword.aspx in MailEnable Professional, Enterprise, and Premium 4.26 and earlier, 5.x before 5.53, and 6.x before 6.03 allows remote attackers to inject arbitrary web script or HTML via the Username parameter. | ||||
| CVE-2010-3870 | 3 Canonical, Php, Redhat | 3 Ubuntu Linux, Php, Enterprise Linux | 2025-04-11 | N/A |
| The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string. | ||||
| CVE-2009-4707 | 2 Maximo Cuadros, Typo3 | 2 Gb Fenewssubmit, Typo3 | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3882 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via input to the (1) Add Pages, (2) Add Global Content, (3) Edit Global Content, (4) Add Article, (5) Add Category, (6) Add Field Definition, or (7) Add Shortcut module. | ||||
| CVE-2009-4715 | 1 Phpscriptsnow | 1 Real Time Currency Exchange | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in rates.php in Real Time Currency Exchange allows remote attackers to inject arbitrary web script or HTML via the Amount parameter. | ||||
| CVE-2010-1625 | 1 Malcom Box | 1 Lxr Cross Referencer | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results page for a search, a different vulnerability than CVE-2009-4497 and CVE-2010-1448. | ||||
| CVE-2010-1629 | 1 Phorum | 1 Phorum | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject arbitrary web script or HTML via an invalid email address. | ||||
| CVE-2011-4745 | 2 Parallels, Redhat | 2 Parallels Plesk Panel, Enterprise Linux | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 allow remote attackers to inject arbitrary web script or HTML via crafted input to a PHP script, as demonstrated by admin/index.php/default and certain other files. | ||||
| CVE-2011-1066 | 2 Drupal, Reyero | 2 Drupal, Messaging | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4.x before 6.x-4.0-beta8 for Drupal allows remote attackers with administer messaging permissions to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1095 | 1 Jan Schutze | 1 Truc | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in login_reset_password_page.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-4729 | 1 X10media | 1 Adult Script | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in x10 Adult Media Script 1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) pic_id parameter to includes/video_ad.php, (2) category parameter to linkvideos_listing.php, (3) id parameter to templates/header1.php, and (4) key parameter to video_listing.php. | ||||
| CVE-2010-3906 | 3 Git, Git-scm, Redhat | 3 Git, Git, Enterprise Linux | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters. | ||||
| CVE-2010-3841 | 1 Twiki | 1 Twiki | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the rev parameter to the view script or (2) the query string to the login script. | ||||
| CVE-2009-4736 | 1 Sensesites | 1 Commonsense Cms | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in CommonSense CMS 5.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2010-3926 | 1 Wb-i | 2 Sgx-sp Final, Sgx-sp Final Ne | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in SGX-SP Final before 11.00 and SGX-SP Final NE before 11.00 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3291 | 1 Hp | 2 Assetcenter, Assetmanager | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.1x through AM_5.12 and 5.2x through AM_5.22, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4505 | 1 Alkacon | 2 Oamp Comments, Opencms | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors. | ||||
| CVE-2010-1091 | 1 Phpmysite | 1 Phpmysite | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) city, (3) email, (4) state, and (5) message parameters. | ||||
| CVE-2009-4767 | 1 Plohni | 1 Shoutbox | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Plohni Shoutbox 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) input_name and (2) input_text parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1536 | 2 Drupal, Mearra | 2 Drupal, Addthis | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to inject arbitrary web script or HTML via unspecified vectors. | ||||