Total
34410 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4547 | 1 Viart | 1 Viart Cms | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x allow remote attackers to inject arbitrary web script or HTML via the (1) category_id parameter to forums.php, or the forum_id parameter to (2) forum.php or (3) forum_topic_new.php. | ||||
| CVE-2009-4544 | 1 Cromosoft | 1 Facil Helpdesk | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in kbase/kbase.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2009-4542 | 1 Isolsoft | 1 Support Center | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in newticket.php in IsolSoft Support Center 2.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-2009-4539 | 1 Sqlitemanager | 1 Sqlitemanager | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in main.php in SQLiteManager 1.2.0 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter. | ||||
| CVE-2009-4532 | 2 Drupal, Nathan Haug | 2 Drupal, Webform | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, allows remote authenticated users, with webform creation privileges, to inject arbitrary web script or HTML via a field label. | ||||
| CVE-2009-4525 | 2 Drupal, Joao Ventura | 2 Drupal, Print | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Print (aka Printer, e-mail and PDF versions) module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via crafted data in a list of links. | ||||
| CVE-2009-4524 | 2 Drupal, Nancy Wichmann | 2 Drupal, Realname | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname (aka real name) element. | ||||
| CVE-2009-4523 | 1 Zainu | 1 Zainu | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Zainu 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchSongKeyword parameter in a SearchSong action. | ||||
| CVE-2009-4522 | 1 Bloofox | 1 Bloofoxcms | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in search.5.html in BloofoxCMS 0.3.5 allows remote attackers to inject arbitrary web script or HTML via the search parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4521 | 1 Eclipse | 1 Birt | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) before 2.5.0, as used in KonaKart and other products, allows remote attackers to inject arbitrary web script or HTML via the __report parameter. | ||||
| CVE-2009-4518 | 2 Drupal, Mark Burton | 2 Drupal, Insertnode | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Insert Node module 5.x before 5.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via an inserted node. | ||||
| CVE-2009-4516 | 2 Drupal, Nanwich | 2 Drupal, Faq Ask | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4514 | 2 Astha Bhatnagar, Drupal | 2 Shindigintegrator, Drupal | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the OpenSocial Shindig-Integrator module 5.x and 6.x before 6.x-2.1, a module for Drupal, allows remote authenticated users, with "create application" privileges, to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4513 | 2 Drupal, John Vandyk | 2 Drupal, Workflow | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Workflow module 5.x before 5.x-2.4 and 6.x before 6.x-1.2, a module for Drupal, allow remote authenticated users, with "administer workflow" privileges, to inject arbitrary web script or HTML via the name of a (1) workflow or (2) workflow state. | ||||
| CVE-2009-4505 | 1 Alkacon | 2 Oamp Comments, Opencms | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenCMS OAMP Comments Module 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the name field in a comment, and other unspecified vectors. | ||||
| CVE-2009-4497 | 1 Malcom Box | 1 Lxr Cross Referencer | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program. | ||||
| CVE-2009-4478 | 1 Xstate | 1 Real Estate | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Xstate Real Estate 1.0 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) home.html or (2) lands.html. | ||||
| CVE-2009-4473 | 1 Ektron | 1 Cms4000.net | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WorkArea/ContentDesigner/ekformsiframe.aspx in Ektron CMS400.NET 7.6.1.53 and 7.6.6.47, and possibly 7.52 through 7.66sp2, allow remote attackers to inject arbitrary web script or HTML via the (1) css, (2) eca, (3) id, and (4) skin parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-4469 | 1 Giombetti | 1 Phppowercards | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pagenumber.inc.php in phpPowerCards 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) archiv parameter, and the (3) subcat parameter. | ||||
| CVE-2009-4468 | 1 Deluxebb | 1 Deluxebb | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in misc.php in DeluxeBB 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||