Vulnerabilities (CVE)

CWE filter

CWE-79

Filter

12018 total CVE
CVE Vendors Products Updated CVSS
CVE-2002-2348 1 Authoria 1 Authoria 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter.
CVE-2002-2347 1 Oracle 1 Application Server 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject...
CVE-2002-2343 1 Nocc 1 Nocc 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages.
CVE-2002-2341 1 Sonicwall 1 Soho3 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL.
CVE-2002-2339 1 Script Shed 1 Ssgbook 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) image=right, (4) img=right, (5) image=left, and...
CVE-2002-2321 1 Phplinkat 1 Phplinkat 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter.
CVE-2002-2318 1 Blueface 1 Falcon Web Server 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.
CVE-2002-1958 1 Kmmail 1 Kmmail 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to inject arbitrary web script or HTML via (1) javascript in onmouseover or other attributes in "safe" HTML tags such as the "b" tag, or (2) the Subject field.
CVE-2007-4040 1 Microsoft 2 Outlook Express, Outlook 2008-09-05 4.3
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an...
CVE-2007-4039 1 Mozilla 1 Mozilla 2008-09-05 4.3
Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are...
CVE-2008-1299 1 Manageengine 1 Servicedesk Plus 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. NOTE: the provenance of this...
CVE-2002-2230 1 Ikonboard 1 Ikonboard 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant...
CVE-2008-3937 1 Opendb 1 Opendb 2008-09-05 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an edit action to user_admin.php, the (2) title...
CVE-2007-3954 2 Microsoft, Mozilla 2 Seamonkey, Ie 2008-09-05 4.3
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with SeaMonkey installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via...
CVE-2008-3935 1 D-ic 2 Shop V52, Shop V50 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and earlier and shop_v52 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3397 1 Runesoft 1 Cerberus Cms 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS before 3_1.4_0.9 allows remote attackers to inject arbitrary web script or HTML via a cerberus_user cookie.
CVE-2007-5817 1 Contentcustomizer 1 Contentcustomizer 2008-09-05 4.3
dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and...
CVE-2007-5954 1 Jlmforo System 1 Jlmforo System 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo System allows remote attackers to inject arbitrary web script or HTML via the clave parameter. NOTE: the provenance of this information is unknown; the details are obtained...