Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 21765 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2694 1 Phpinv 1 Phpinv 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.php in phpInv 0.8.0 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
CVE-2008-2839 1 Traindepot 1 Traindepot 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the search module in Traindepot 0.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to index.php.
CVE-2008-2842 1 Doitlive 1 Cms 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in edit/showmedia.asp in doITLive CMS 2.50 and earlier allows remote attackers to inject arbitrary web script or HTML via the FILE parameter.
CVE-2008-2855 1 Ownrs 1 Ownrs 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2008-2911 1 Contenido 1 Contendio 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters.
CVE-2008-2929 2 Fedora, Redhat 2 Directory Server, Directory Server 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping.
CVE-2008-2965 1 Jaxbot 1 Jaxultrabb 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter.
CVE-2008-2962 1 Myblog 1 Myblog 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.
CVE-2008-2973 1 Mm Chat 1 Mm Chat 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in chathead.php in MM Chat 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sitename and (2) wmessage parameters.
CVE-2008-2979 1 Ourvideo Cms 1 Ourvideo Cms 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameters.
CVE-2008-2984 1 Cmreams 1 Cmreams Cms 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in backend/umleitung.php in CMReams CMS 1.3.1.1 Beta 2 allows remote attackers to inject arbitrary web script or HTML via the lang[be_red_text] parameter.
CVE-2008-2980 1 Homeph Design 1 Homeph Design 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2.10 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) error_meldung parameter to admin/features/register/register.php, the (2) feature_language[ueberschrift] parameter to admin/features/memberlist/memberlist.php, the (3) language_array[ueberschrift] parameter to admin/features/lostpassword/lostpassword.php, the (4) language_feature[titel] parameter to admin/features/kalender/eingabe.php, and the (5) language_feature[bildmenu] parameter to admin/features/fotogalerie/eingabe.php.
CVE-2008-2997 1 Gravityboardx 1 Gravity Board X 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Gravity Board X (GBX) 2.0 Beta allows remote attackers to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit (aka create new thread) action.
CVE-2008-3088 1 Kasseler-cms 1 Kasseler Cms 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
CVE-2008-3180 1 Cwh Underground 1 Contentnow Cms 2017-09-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO.
CVE-2008-3237 1 Itechscripts 1 Itechbids 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter.
CVE-2008-3305 1 Carlos Desseno 1 Youtube Blog 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in mensaje.php in C. Desseno YouTube Blog (ytb) 0.1 allows remote attackers to inject arbitrary web script or HTML via the m parameter.
CVE-2008-3331 1 Mantis 1 Mantis 2017-09-28 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the filter_target parameter.
CVE-2008-3505 1 Polypager 1 Polypager 2017-09-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI.
CVE-2008-3567 1 Nullsoft 1 Winamp 2017-09-28 4.3 MEDIUM N/A
Cross-zone scripting vulnerability in the NowPlaying functionality in NullSoft Winamp before 5.541 allows remote attackers to conduct cross-site scripting (XSS) attacks via an MP3 file with JavaScript in id3 tags.