Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-2172 | 2 Dream, Jelsoft | 2 Radio And Tv Player Addon For Vbulletin, Vbulletin | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in the Radio and TV Player addon for vBulletin allows remote registered users to inject arbitrary web script or HTML via the station parameter. | |||||
| CVE-2009-2178 | 1 W2b | 1 Phpdatingclub | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in website.php in phpDatingClub 3.7 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2009-2181 | 1 Campware.org | 1 Campsite | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin-files/templates/list_dir.php in Campsite 3.3.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the listbasedir parameter. | |||||
| CVE-2008-7171 | 1 Yanick Bourbeau | 1 Lightweight News Portal | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Lightweight news portal (LNP) 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) photo parameter to show_photo.php, (2) potd parameter to show_potd.php, or (3) the Current question field in a vote action to admin.php. | |||||
| CVE-2009-0153 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-28 | 4.3 MEDIUM | N/A |
| International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems, does not properly handle invalid byte sequences during Unicode conversion, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. | |||||
| CVE-2008-6168 | 1 Miniportail | 1 Miniportail | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in miniPortail 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified argument, probably the search string. | |||||
| CVE-2008-6215 | 1 Bookingcentre | 1 Booking System For Hotels Group | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cadena_ofertas_ext.php in Venalsur Booking Centre Booking System for Hotels Group allows remote attackers to inject arbitrary web script or HTML via the OfertaID parameter. | |||||
| CVE-2008-6248 | 1 Galatolo | 1 Galatolo Webmanager | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebManager 1.3a and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter. | |||||
| CVE-2008-6259 | 1 Quadcomm | 1 Q-shop | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the srkeys parameter. | |||||
| CVE-2008-6267 | 1 Sadi Samami | 1 Multi Languages Webshop Online | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in detail.php in Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | |||||
| CVE-2008-6351 | 1 Turnkeyforms | 1 Local Classifieds | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to inject arbitrary web script or HTML via the r parameter. | |||||
| CVE-2008-6370 | 1 Ocean12tech | 1 Contact Manager Pro | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to inject arbitrary web script or HTML via the DisplayFormat parameter. | |||||
| CVE-2008-6501 | 1 Prochatrooms | 1 Pro Chat Rooms | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro Chat Rooms 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the gud parameter. | |||||
| CVE-2008-6529 | 1 Ezonescripts | 1 Living Local | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to inject arbitrary web script or HTML via the r parameter. | |||||
| CVE-2009-0467 | 1 Armorlogic | 1 Profense Web Application Firewall | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in proxy.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allows remote attackers to inject arbitrary web script or HTML via the proxy parameter in a deny_log manage action. | |||||
| CVE-2008-7098 | 1 Qsoft-inc | 1 K-rate | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Qsoft K-Rate Premium allow remote attackers to inject arbitrary web script or HTML via the blog, possibly the (1) Title and (2) Text fields; (3) the gallery, possibly the Description field in Your Pictures; (4) the forum, possibly the Your Message field when posting a new thread; or (5) the vote parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6607 | 1 Matpo | 1 Matpo Link | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to inject arbitrary web script or HTML via the thema parameter. | |||||
| CVE-2008-6629 | 1 Webbdomain | 1 Webshop Online | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | |||||
| CVE-2008-6683 | 1 Yourfreeworld | 1 Apartment Search Script | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter. | |||||
| CVE-2008-6700 | 1 Butterflymedia | 1 Butterfly Organizer | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable parameter to viewdb2.php, (3) tablehere parameter to category-rename.php, and (4) letter parameter to module-contacts.php. | |||||