Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 21765 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4426 1 Phlatline 1 Personal Information Manager 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in events.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the date parameter in a new action.
CVE-2008-4591 1 Phpwebgallery 1 Phpwebgallery 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in admin/include/isadmin.inc.php in PhpWebGallery 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[access_forbiden] and (2) lang[ident_title] parameters.
CVE-2008-4756 1 Php-daily 1 Php-daily 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in add_prest_date.php in PHP-Daily allows remote attackers to inject arbitrary web script or HTML via the date parameter.
CVE-2008-4774 1 Questwork 1 Questcms 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in main/main.php in QuestCMS allows remote attackers to inject arbitrary web script or HTML via the cx parameter.
CVE-2008-4888 1 Netrisk 1 Netrisk 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5059 1 Modernbill 1 Modernbill 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in ModernBill 4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript event in the new_language parameter in a login action.
CVE-2008-5061 1 Smolinari 1 Mini Web Calendar 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2008-5193 1 Philboard 1 Philboard 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: this might overlap CVE-2007-4024.
CVE-2008-5202 1 Otmanager 1 Otmanager Cms 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote attackers to inject arbitrary web script or HTML via the conteudo parameter.
CVE-2008-5203 1 Poweraward 1 Poweraward 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in external_vote.php in PowerAward 1.1.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the l_vote_done parameter.
CVE-2008-5214 1 Clanlite 1 Clanlite 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in service/calendrier.php in ClanLite 2.2006.05.20 allows remote attackers to inject arbitrary web script or HTML via the annee parameter.
CVE-2008-5290 1 Scripts4you 1 Clean Cms 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2008-5323 1 Easy-script 1 Wysi Wiki Wyg 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVE-2008-5338 1 Multimania 2 Bandsite Portal System, Bandwebsite 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in info.php in Bandwebsite (aka Bandsite portal system) 1.5 allows remote attackers to inject arbitrary web script or HTML via the section parameter.
CVE-2008-5487 1 Turnkeyforms 1 Text Link Sales 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2008-5566 1 Phpmultiplenewsletters 1 Phpmultiplenewsletters 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2008-5591 1 Iwrite 1 Nightfall Personal Diary 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in login.asp in Nightfall Personal Diary 1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter and possibly other "login fields." NOTE: some of these details are obtained from third party information.
CVE-2008-5761 1 Flatnux 1 Flatnux 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in FlatnuX CMS (aka Flatnuke3) 2008-12-11 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter to the default URI; (2) the foto parameter to photo.php in the 05_Foto module; or (3) the name parameter in an insertrecord action to index.php in the 08_Files module, as demonstrated by injection within a SRC attribute of an IFRAME element.
CVE-2008-5918 1 Tigris 1 Websvn 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the getParameterisedSelfUrl function in index.php in WebSVN 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2008-5729 1 Netcat 1 Netcat 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) form and (2) control parameters to FCKeditor/neditor.php, and the (3) path parameter to admin/siteinfo/iframe.inc.php.