Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 34649 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-0594 1 Apmuthu 1 Phpskelsite 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2009-0526 1 Adaptcms 1 Adaptcms 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in AdaptCMS Lite 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) url and (2) acuparam parameters, and (3) the URI.
CVE-2008-7043 1 Freshscripts 1 Fresh Email Script 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leveraged to modify cookies and conduct session fixation attacks.
CVE-2008-6906 1 Babbleboard 1 Babbleboard 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote attackers to inject arbitrary web script or HTML via the username.
CVE-2008-6683 1 Yourfreeworld 1 Apartment Search Script 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter.
CVE-2008-6715 1 Preprojects 1 Pre Ads Portal 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
CVE-2009-0467 1 Armorlogic 1 Profense Web Application Firewall 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in proxy.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allows remote attackers to inject arbitrary web script or HTML via the proxy parameter in a deny_log manage action.
CVE-2008-6607 1 Matpo 1 Matpo Link 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to inject arbitrary web script or HTML via the thema parameter.
CVE-2008-7072 1 Chipmunk-scripts 1 Chipmunk Topsites 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Chipmunk Topsites allows remote attackers to inject arbitrary web script or HTML via the start parameter.
CVE-2008-6977 1 Fullrevolution 1 Aspwebalbum 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in album.asp in Full Revolution aspWebAlbum 3.2 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a summary action.
CVE-2008-6215 1 Bookingcentre 1 Booking System For Hotels Group 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in cadena_ofertas_ext.php in Venalsur Booking Centre Booking System for Hotels Group allows remote attackers to inject arbitrary web script or HTML via the OfertaID parameter.
CVE-2008-6370 1 Ocean12tech 1 Contact Manager Pro 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Contact Manager Pro 1.02 allows remote attackers to inject arbitrary web script or HTML via the DisplayFormat parameter.
CVE-2008-4888 1 Netrisk 1 Netrisk 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5202 1 Otmanager 1 Otmanager Cms 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote attackers to inject arbitrary web script or HTML via the conteudo parameter.
CVE-2008-5566 1 Phpmultiplenewsletters 1 Phpmultiplenewsletters 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Triangle Solutions PHP Multiple Newsletters 2.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2008-6087 1 Camera Life 1 Camera Life 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in topic.php in Camera Life 2.6.2b4 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2008-5729 1 Netcat 1 Netcat 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) form and (2) control parameters to FCKeditor/neditor.php, and the (3) path parameter to admin/siteinfo/iframe.inc.php.
CVE-2008-5933 1 Cmsisweb 1 Cms Isweb 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in CMS ISWEB 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the strcerca parameter (aka the input field for the cerca action) or (2) the id_oggetto parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4372 1 Availscript 1 Availscript Article Script 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in articles.php in AvailScript Article Script allows remote attackers to inject arbitrary web script or HTML via the aIDS parameter.
CVE-2008-5290 1 Scripts4you 1 Clean Cms 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in full_txt.php in Werner Hilversum Clean CMS 1.5 allows remote attackers to inject arbitrary web script or HTML via the id parameter.