Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 34649 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3771 1 Pars4u 1 Videosharing 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote attackers to inject arbitrary web script or HTML via the PageNo parameter.
CVE-2008-2646 1 Mebiblio 1 Mebiblio 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in meBiblio 0.4.7 allow remote attackers to inject arbitrary web script or HTML via the (1) sql parameter to dbadd.inc.php, (2) InsertJournal parameter to add_journal_mask.inc.php, (3) InsertBibliography parameter to insert_mask.inc.php, and (4) LabelYear parameter to search_mask.inc.php.
CVE-2008-2975 1 Tinx Cms 1 Tinx Cms 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin/objects/obj_image.php in TinX/cms 1.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
CVE-2008-4066 1 Mozilla 1 Firefox 2017-09-29 4.3 MEDIUM N/A
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav&#56325ascript" sequence, aka "HTML escaped low surrogates bug."
CVE-2008-2855 1 Ownrs 1 Ownrs 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2008-2181 1 Cplinks 1 Cplinks 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in search.php in cpLinks 1.03 allow remote attackers to inject arbitrary web script or HTML via the (1) search_text and (2) search_category parameters. NOTE: the XSS reportedly occurs in a forced SQL error message. NOTE: some of these details are obtained from third party information.
CVE-2008-2445 1 Wgcc 1 Web Group Communication Center 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in profile.php in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a show action.
CVE-2008-2965 1 Jaxbot 1 Jaxultrabb 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter.
CVE-2008-2979 1 Ourvideo Cms 1 Ourvideo Cms 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpi/login.php in Ourvideo CMS 9.5 allow remote attackers to inject arbitrary web script or HTML via the (1) top_page and (2) end_page parameters.
CVE-2008-2561 1 Fourtwosevenbb 1 427bb 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in 427BB 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to (a) register.php, (b) reminder.php, and (c) search.php; the (2) uname, (3) email, and (4) email2 parameters to register.php; the (5) email parameter to reminder.php; and the (6) keywords parameter to search.php.
CVE-2008-3088 1 Kasseler-cms 1 Kasseler Cms 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.
CVE-2008-2839 1 Traindepot 1 Traindepot 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the search module in Traindepot 0.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter to index.php.
CVE-2008-2379 1 Squirrelmail 1 Squirrelmail 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
CVE-2008-2680 1 Realm Project 1 Realm Cms 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp in Realm CMS 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) CmpctedDB and (2) Boyut parameters.
CVE-2008-2929 2 Fedora, Redhat 2 Directory Server, Directory Server 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping.
CVE-2008-3237 1 Itechscripts 1 Itechbids 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in forward_to_friend.php in ITechBids 7.0 Gold allows remote attackers to inject arbitrary web script or HTML via the productid parameter.
CVE-2008-4089 1 Myphpnuke 1 Myphpnuke 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
CVE-2008-3505 1 Polypager 1 Polypager 2017-09-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via the nr parameter to the default URI.
CVE-2008-2566 1 Php-address Book 1 Php-address Book 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the group parameter to (1) index.php or (2) the default URI.
CVE-2008-3180 1 Cwh Underground 1 Contentnow Cms 2017-09-29 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO.