Total
34410 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4868 | 1 Hitronsoft | 1 Answer Me | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Hitron Soft Answer Me 1.0 allows remote attackers to inject arbitrary web script or HTML via the q_id parameter to the answers script (aka answers.php). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4866 | 1 Matt Wright | 1 Simple Search | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in Matt's Script Archive (MSA) Simple Search 1.0 allows remote attackers to inject arbitrary web script or HTML via the terms parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4864 | 1 I-escorts | 2 I-escorts Agency Script, I-escorts Directory Script | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in escorts_search.php in I-Escorts Directory Script and Agency Script allow remote attackers to inject arbitrary web script or HTML via the (1) search_name and (2) languages parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4861 | 1 Supportpro | 1 Supportdesk | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in shownews.php in SupportPRO SupportDesk 3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2009-4859 | 1 Onlinetechtools.com | 1 Owos Lite | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Online Work Order Suite (OWOS) Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) default.asp and (2) report.asp, and the (3) go parameter to login.asp. | ||||
| CVE-2009-4858 | 1 Turnkeyforms | 1 Yahoo-answers-clone | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in questiondetail.php in Yahoo Answers Clone allows remote attackers to inject arbitrary web script or HTML via the questionid parameter. | ||||
| CVE-2009-4857 | 1 Ecomstudio | 1 Php Photo Vote1.3f | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in PHP Photo Vote 1.3F allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2009-4856 | 1 Ecomstudio | 1 Php Easy Shopping Cart | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in subitems.php in PHP Easy Shopping Cart 3.1R allows remote attackers to inject arbitrary web script or HTML via the name parameter. | ||||
| CVE-2009-4853 | 2 Foswiki, Jumpbox | 2 Foswiki, Jumpbox | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in JumpBox before 1.1.2 for Foswiki Wiki System allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4852 | 1 Festic | 1 Semanticscuttle | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4848 | 1 Toutvirtual | 1 Virtualiq | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual VirtualIQ Pro 3.2 build 7882 and 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the (1) userId parameter to tvserver/server/user/setPermissions.jsp, (2) deptName parameter to tvserver/server/user/addDepartment.jsp, (3) ID parameter to tvserver/server/inventory/inventoryTabs.jsp, (4) reportName parameter to tvserver/reports/virtualIQAdminReports.do, or (5) middleName parameter in a save action to tvserver/user/user.do. | ||||
| CVE-2009-4842 | 1 Toutvirtual | 1 Virtualiq | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual VirtualIQ Pro 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the (1) addNewDept, (2) deptId, or (3) deptDesc parameter to tvserver/server/user/addDepartment.jsp; or the (4) firstName, (5) lastName, or (6) email parameter in a save action to tvserver/user/user.do. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-4839 | 1 Secureideas | 1 Basic Analysis And Security Engine | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php. | ||||
| CVE-2009-4837 | 1 Secureideas | 1 Basic Analysis And Security Engine | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[1] parameter to base/base_qry_main.php, or the time[0][1] parameter to (2) base/base_stat_alerts.php or (3) base/base_stat_uaddr.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4829 | 3 Drupal, James Glasgow, John Vandervort | 3 Drupal, Autologout, Autologout | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Automated Logout module 6.x-1.x before 6.x-1.7 and 6.x-2.x before 6.x-2.3 for Drupal allows remote authenticated users with administer autologout privileges to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4823 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter. | ||||
| CVE-2009-4822 | 1 Kasseler-cms | 1 Kasseler Cms | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kasseler CMS 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) do, (2) id, and (3) uname parameters. | ||||
| CVE-2009-4814 | 1 Wolfram | 1 Webmathematica | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Wolfram Research webMathematica allows remote attackers to inject arbitrary web script or HTML via the URI to the MSP script. | ||||
| CVE-2009-4813 | 1 Mybboard | 1 Mybb | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBulletinBoard) 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a donate action. | ||||
| CVE-2009-4804 | 3 Mario Matzulla, Microsoft, Typo3 | 3 Calendar Base, Internet Explorer, Typo3 | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Calendar Base (cal) extension before 1.1.1 for TYPO3, when Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via "search parameters." | ||||