Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 28117 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-1732 1 Richard Ellerbrock 1 Ipplan 2009-07-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin/usermanager in IPplan 4.91a allows remote attackers to inject arbitrary web script or HTML via the grp parameter.
CVE-2009-2343 1 Zoph 1 Zoph 2009-07-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
CVE-2009-2373 1 Drupal 1 Drupal 2009-07-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Forum module in Drupal 6.x before 6.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-2370 2 Drupal, Michelle Cox 2 Drupal, Advanced Forum 2009-07-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Advanced Forum 5.x before 5.x-1.1 and 6.x before 6.x-1.1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-2342 1 Hans Oesterholt 1 Cmme 2009-07-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin.php (aka the login page) in Content Management Made Easy (CMME) before 1.22 allows remote attackers to inject arbitrary web script or HTML via the username field.
CVE-2009-2221 1 Php.s3 1 Php-i-board 2009-07-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-5324 1 Ibm 1 Rational Clearquest 2009-07-02 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in CQ Web in IBM Rational ClearQuest 2007 before 2007D and 2008 before 2008B allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-2211 1 Ibm 1 Rational Clearquest 2009-07-02 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the CQWeb server in IBM Rational ClearQuest 7.0.0 before 7.0.0.6 and 7.0.1 before 7.0.1.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-2104 2 Typo3, Udo Von Eynern 2 Typo3, Modern Guest Book Commenting System 2009-07-02 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Modern Guestbook / Commenting System (ve_guestbook) extension 2.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-2240 1 Ad2000 1 Free-sw Leger 2009-06-30 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka Web Conference Room Free) 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6835 2 Drupal, Peter Wolanin 2 Drupal, Openid 2009-06-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in OpenID 5.x before 5.x-1.2, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1849 1 Paessler 2 Prtg Traffic Grapher, Prtg Traffic Grapher6.0.5.416 2009-06-29 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Monitor_Bandwidth function in PRTG Traffic Grapher 6.2.2.977 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-2215 1 Urdland 1 Urd 2009-06-26 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in URD before 0.6.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the fatal_error page and unspecified other components.
CVE-2009-2170 1 Mahara 1 Mahara 2009-06-24 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2009-2126 1 Elvinbts 1 Elvinbts 2009-06-22 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the title (aka subject) field.
CVE-2009-2032 1 Pagedowntech 1 Pdshoppro 2009-06-20 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2009-2078 2 Drupal, Heine.familiedeelstra 2 Drupal, Booktree 2009-06-17 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the (1) node title and (2) node body in a tree root page.
CVE-2009-0764 1 Bookelves 1 Kipper 2009-06-17 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote attackers to inject arbitrary web script or HTML via the charm parameter to (1) index.php and (2) kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-5613 1 Mortbay Jetty 1 Jetty 2009-06-10 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
CVE-2009-1881 1 Mt312 1 Img-bbs 2009-06-09 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to model.php with a timestamp before 20090521.