Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3394 | 1 Infomining | 1 Bookmine | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in search.cfm in BookMine allow remote attackers to inject arbitrary web script or HTML via the (1) gallery and (2) search_string parameters. | |||||
| CVE-2008-3501 | 1 Novell | 1 Groupwise | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the WebAccess simple interface in Novell Groupwise 7.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-3457 | 1 Phpmyadmin | 1 Phpmyadmin | 2017-08-07 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify config/config.inc.php. | |||||
| CVE-2008-3482 | 1 Panasonic | 8 Bb Hcm511, Bb Hcm515, Bb Hcm527 and 5 more | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the error page feature in Panasonic Network Camera BL-C111, BL-C131, BB-HCM511, BB-HCM531, BB-HCM580, BB-HCM581, BB-HCM527, and BB-HCM515 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-3483 | 1 Screwturn | 1 Screwturn Wiki | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ScrewTurn Wiki 2.0.29 and 2.0.30 allows remote attackers to inject arbitrary web script or HTML via error messages in the "/admin.aspx - System Log" page. | |||||
| CVE-2008-3500 | 1 Drupal | 1 Suggested Terms Module | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Suggested Terms module 5.x before 5.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via crafted Taxonomy terms. | |||||
| CVE-2008-3510 | 1 Crafty Syntax Live Help | 1 Crafty Syntax Live Help | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in livehelp_js.php in Crafty Syntax Live Help (CSLH) 2.14.6 allows remote attackers to inject arbitrary web script or HTML via the department parameter. | |||||
| CVE-2008-3511 | 1 Softbiz | 1 Image Gallery | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Image Gallery (Photo Gallery) allow remote attackers to inject arbitrary web script or HTML via the (1) latest parameter to (a) index.php, (b) images.php, (c) suggest_image.php, and (d) image_desc.php; and the (2) msg parameter to index.php, images.php, and suggest_image.php, and (e) index.php, (f) adminhome.php, (g) config.php, (h) changepassword.php, (i) cleanup.php, (j) browsecats.php, and (k) images.php in admin/. NOTE: the image_desc.php/msg vector is covered by CVE-2006-1660. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3559 | 1 Kaphotoservice | 1 Kaphotoservice | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice allow remote attackers to inject arbitrary web script or HTML via the (1) filename parameter to search.asp and the (2) page parameter to order.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3560 | 1 Xoops | 1 Kshop Module | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in kshop_search.php in the Kshop module 2.22 for Xoops allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2008-3565 | 1 Mrbs | 1 Mrbs | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Meeting Room Booking System (MRBS) 1.2.6 allow remote attackers to inject arbitrary web script or HTML via the area parameter to (1) day.php, (2) week.php, (3) month.php, (4) search.php, (5) report.php, and (6) help.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3566 | 1 Zoneo-soft | 1 Freeforum | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ZoneO-soft freeForum 1.7 allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter to (1) the default URI or (2) index.php, or (3) the PATH_INFO to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3572 | 1 Pligg | 1 Pligg Cms | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Pligg 9.9.5 allows remote attackers to inject arbitrary web script or HTML via the category parameter. | |||||
| CVE-2008-2397 | 1 Dotcms | 1 Dotcms | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search-results.dot in dotCMS 1.x allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-2410 | 1 Ibm | 1 Lotus Domino Web Server | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-2413 | 1 Acgv.free | 1 Acgv News | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2008-2414 | 1 Aguestbook | 1 An Guestbook | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote attackers to inject arbitrary web script or HTML via the postid parameter. | |||||
| CVE-2008-1476 | 1 Serendipity | 1 Serendipity | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to received trackbacks. | |||||
| CVE-2008-1474 | 1 Roundup-tracker | 1 Roundup | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and attack vectors, some of which may be related to cross-site scripting (XSS). | |||||
| CVE-2008-1273 | 1 Imagevue | 1 Imagevue | 2017-08-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in imageVue 1.7 allow remote attackers to inject arbitrary web script or HTML via the path parameter to (1) popup.php, (2) test/dir2.php, (3) admin/upload.php, and (4) dirxml.php in upload/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||