Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3581 | 1 Qsoft | 1 K-links | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Qsoft K-Links allows remote attackers to inject arbitrary web script or HTML via the login_message parameter in a login action. | |||||
| CVE-2008-3771 | 1 Pars4u | 1 Videosharing | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter. | |||||
| CVE-2008-3779 | 1 Review-script | 1 Five Star Review Script | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search/index.php in Five Star Review Script allows remote attackers to inject arbitrary web script or HTML via the words parameter in a search action. | |||||
| CVE-2008-3923 | 1 Hans Oesterholt | 1 Cmme | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in statistics.php in Content Management Made Easy (CMME) 1.12 allow remote attackers to inject arbitrary web script or HTML via the (1) page and (2) year parameters in an hstat_year action. | |||||
| CVE-2008-4066 | 1 Mozilla | 1 Firefox | 2017-09-28 | 4.3 MEDIUM | N/A |
| Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav�ascript" sequence, aka "HTML escaped low surrogates bug." | |||||
| CVE-2008-4083 | 1 Brim-project | 1 Brim | 2017-09-28 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Bookmarks plugin in Brim 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in an addItemPost action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4089 | 1 Myphpnuke | 1 Myphpnuke | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to inject arbitrary web script or HTML via the sid parameter. | |||||
| CVE-2008-2975 | 1 Tinx Cms | 1 Tinx Cms | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter. | |||||
| CVE-2008-2082 | 1 Siteman | 1 Siteman | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Siteman 2.0.x2 allows remote attackers to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message. | |||||
| CVE-2008-2127 | 1 Cms Faethon | 1 Cms Faethon | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon 2.2 Ultimate allows remote attackers to inject arbitrary web script or HTML via the what parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2181 | 1 Cplinks | 1 Cplinks | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in search.php in cpLinks 1.03 allow remote attackers to inject arbitrary web script or HTML via the (1) search_text and (2) search_category parameters. NOTE: the XSS reportedly occurs in a forced SQL error message. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2295 | 1 Rgboard | 1 Rgboard | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in rg_search.php in Rgboard 3.0.12, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the s_text parameter and other unspecified vectors. | |||||
| CVE-2008-2335 | 1 Vastal | 1 Phpvid | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the query parameter. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 1.2.3 is also affected. | |||||
| CVE-2008-2379 | 1 Squirrelmail | 1 Squirrelmail | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message. | |||||
| CVE-2008-1036 | 2 Apple, Redhat | 3 Mac Os X, Mac Os X Server, Enterprise Linux | 2017-09-28 | 4.3 MEDIUM | N/A |
| The International Components for Unicode (ICU) library in Apple Mac OS X before 10.5.3, Red Hat Enterprise Linux 5, and other operating systems omits some invalid character sequences during conversion of some character encodings, which might allow remote attackers to conduct cross-site scripting (XSS) attacks. | |||||
| CVE-2007-6589 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-28 | 4.3 MEDIUM | N/A |
| The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a jar: URI, a different vulnerability than CVE-2007-5947. | |||||
| CVE-2007-6637 | 1 Adobe | 1 Flash Player | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1. | |||||
| CVE-2008-0155 | 1 Evilboard | 1 Evilboard | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in EvilBoard 0.1a (Alpha) allows remote attackers to inject arbitrary web script or HTML via the c parameter. | |||||
| CVE-2008-0398 | 1 Aflog | 1 Aflog | 2017-09-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the comment form. | |||||
| CVE-2008-0541 | 1 Gerd Tentler | 1 Simple Forum | 2017-09-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in forum.php in Gerd Tentler Simple Forum 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) open and (2) date_show parameters. | |||||