Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1510 | 1 Alkacon | 1 Opencms | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in system/workplace/admin/accounts/users_list.jsp in Alkacon OpenCMS 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) searchfilter or (2) listSearchFilter parameter. | |||||
| CVE-2008-1649 | 1 Myiosoft | 1 Easynews | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in EasyNews 4.0 allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_pupublish action. | |||||
| CVE-2008-1548 | 1 Aeries | 1 Aeries Student Information System | 2018-10-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to inject arbitrary web script or HTML via the (1) UserName parameter to loginproc.asp and the (2) usr parameter to Login.asp. | |||||
| CVE-2008-1560 | 1 Digiappz | 1 Digidomain | 2018-10-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Digiappz DigiDomain 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) domain parameter to lookup_result.asp, and the (2) word1 and (3) word2 parameters to suggest_result.asp. | |||||
| CVE-2008-1556 | 1 Bolinos | 1 Bolinos | 2018-10-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/contentFiles/gBselectorContents.php, (3) the PATH_INFO to (c) gBLoginPage.php and (d) gBPassword.php in system/actionspages/_b/contentFiles/, (4) formlogin parameter to system/actionspages/_b/contentFiles/gBLoginPage.php, and the (5) bolini_searchengine46Search parameter to (e) help/index.php. | |||||
| CVE-2008-1499 | 1 Cpanel | 1 Cpanel | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
| CVE-2008-1477 | 1 Jcorporate | 1 Eforum | 2018-10-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in busca.php in eForum 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) busca and (2) link parameters. | |||||
| CVE-2008-1458 | 1 Cs-cart | 1 Cs-cart | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in CS-Cart 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a products search action. NOTE: it was also reported that 1.3.5-SP2 trial edition is also affected. | |||||
| CVE-2008-1470 | 1 Rsa | 1 Webid | 2018-10-11 | 4.3 MEDIUM | N/A |
| Incomplete blacklist vulnerability in IISWebAgentIF.dll in the WebID RSA Authentication Agent 5.3, and possibly earlier, allows remote attackers to conduct cross-site scripting (XSS) attacks via the postdata parameter, due to an incomplete fix for CVE-2005-1118. | |||||
| CVE-2008-1385 | 1 S9y | 1 Serendipity | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header. | |||||
| CVE-2008-1413 | 1 Snews | 1 Snews Cms Rus | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in SNewsCMS Rus 2.1 through 2.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | |||||
| CVE-2008-1386 | 1 S9y | 1 Serendipity | 2018-10-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the installer in Serendipity (S9Y) 1.3 allow remote attackers to inject arbitrary web script or HTML via (1) unspecified path fields or (2) the database host field. NOTE: the timing window for exploitation of this issue might be limited. | |||||
| CVE-2008-1414 | 1 Riceball | 1 Multiple Time Sheets | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the tab parameter to (1) index.php, as demonstrated using mixed case and encoded whitespace characters in the tag; or (2) clientinfo.php, (3) invoices.php, (4) smartlinks.php, and (5) todo.php, as demonstrated using a META tag. | |||||
| CVE-2008-1257 | 1 Zyxel | 4 P-660hw, P-660hw D1, P-660hw D3 and 1 more | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ZyXEL P-660HW series router allows remote attackers to inject arbitrary web script or HTML via the PingIPAddr parameter. | |||||
| CVE-2008-1253 | 1 D-link | 1 Dsl-g604t | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the fwan page. | |||||
| CVE-2008-1300 | 1 Alkacon | 1 Opencms | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Logfile Viewer Settings function in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the filePath.0 parameter in a save action, a different vector than CVE-2008-1045. | |||||
| CVE-2008-1347 | 1 Myiosoft | 1 Easycalendar | 2018-10-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easygallery/index.php in MyioSoft EasyGallery 5.0tr and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) the q parameter in an about action to the help system. | |||||
| CVE-2008-1251 | 1 Snom | 1 320 Sip Phone | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface on the central phone server for the Snom 320 SIP Phone allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2008-1304 | 1 Wordpress | 1 Wordpress | 2018-10-11 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) inviteemail parameter in an invite action to wp-admin/users.php and the (2) to parameter in a sent action to wp-admin/invites.php. | |||||
| CVE-2008-1283 | 1 Silver-forge | 1 Neptune Web Server | 2018-10-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Neptune Web Server 3.0 allows remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in the 404 error page. | |||||