Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5770 | 1 Phpweather | 1 Phpweather | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | |||||
| CVE-2008-5933 | 1 Cmsisweb | 1 Cms Isweb | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in CMS ISWEB 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the strcerca parameter (aka the input field for the cerca action) or (2) the id_oggetto parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5854 | 1 Myphpscripts | 1 Login Session | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ls_user and (2) ls_email parameters (aka the User form) in an ls_register action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5879 | 1 Phpclanwebsite | 1 Phpclanwebsite | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter and other unspecified vectors. | |||||
| CVE-2008-5889 | 1 Icash | 1 Click\&rank | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in user.asp in Click&Rank allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2008-5893 | 1 Icash | 1 Click\&email | 2017-09-28 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in admin_dblayers.asp in ClickAndEmail allows remote attackers to inject arbitrary web script or HTML via the tablename parameter in an update action. | |||||
| CVE-2008-5939 | 1 Modxcms | 1 Modxcms | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in MODx CMS 0.9.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in the username field, possibly related to snippet.ditto.php. NOTE: some sources list the id parameter as being affected, but this is probably incorrect based on the original disclosure. | |||||
| CVE-2008-5979 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter. | |||||
| CVE-2008-6004 | 1 Aj Square | 1 Aj Auction | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter. | |||||
| CVE-2008-6087 | 1 Camera Life | 1 Camera Life | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers to inject arbitrary web script or HTML via the name parameter. | |||||
| CVE-2008-6108 | 1 Gwm | 1 Galatolo Webmanager | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in result.php in Galatolo WebManager (GWM) 1.0 allows remote attackers to inject arbitrary web script or HTML via the key parameter. | |||||
| CVE-2008-2445 | 1 Wgcc | 1 Web Group Communication Center | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in profile.php in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a show action. | |||||
| CVE-2008-2496 | 1 Quate | 1 Quate Cms | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Quate CMS 0.3.4 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) login.php, and (3) credits.php in admin/, and (4) upgrade/index.php. | |||||
| CVE-2008-2505 | 1 Simpel Side | 1 Weblosninger | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in result.php in Simpel Side Weblosning 1 through 4 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2008-2533 | 1 Fkrauthan | 1 Phoenix View Cms | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phoenix View CMS Pre Alpha2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ltarget parameter to (a) admin/admin_frame.php and the (2) conf parameter to (b) gbuch.admin.php, (c) links.admin.php, (d) menue.admin.php, (e) news.admin.php, and (f) todo.admin.php in admin/module/. | |||||
| CVE-2008-2561 | 1 Fourtwosevenbb | 1 427bb | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in 427BB 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to (a) register.php, (b) reminder.php, and (c) search.php; the (2) uname, (3) email, and (4) email2 parameters to register.php; the (5) email parameter to reminder.php; and the (6) keywords parameter to search.php. | |||||
| CVE-2008-2566 | 1 Php-address Book | 1 Php-address Book | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the group parameter to (1) index.php or (2) the default URI. | |||||
| CVE-2008-2646 | 1 Mebiblio | 1 Mebiblio | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in meBiblio 0.4.7 allow remote attackers to inject arbitrary web script or HTML via the (1) sql parameter to dbadd.inc.php, (2) InsertJournal parameter to add_journal_mask.inc.php, (3) InsertBibliography parameter to insert_mask.inc.php, and (4) LabelYear parameter to search_mask.inc.php. | |||||
| CVE-2008-2677 | 1 Telephone | 1 Telephone Directory 2008 | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in edit1.php in Telephone Directory 2008 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2008-2680 | 1 Realm Project | 1 Realm Cms | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp in Realm CMS 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) CmpctedDB and (2) Boyut parameters. | |||||