Lucene search
K

3789 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:47 p.m.16 views

CVE-2005-1443

Multiple cross-site scripting XSS vulnerabilities in index.php for Invision Power Board IPB 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the 1 act, 2 Members, 3 calendar, or 4 HID parameters...

6.8CVSS6AI score0.01278EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:47 p.m.14 views

CVE-2005-1308

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

7.5CVSS6.8AI score0.02284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:41 p.m.7 views

CVE-2023-25347

A stored cross-site scripting XSS vulnerability in ChurchCRM 4.5.3, allows remote attackers to inject arbitrary web script or HTML via input fields. These input fields are located in the "Title" Input Field in EventEditor.php...

5.4CVSS5.4AI score0.00622EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:11 p.m.6 views

CVE-2018-18674

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board tail contents" parameter, aka the adm/boardformupdate.php bocontenttail parameter...

6.1CVSS6AI score0.01161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.6 views

CVE-2018-18678

GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroupformupdate.php gr110 parameter...

6.1CVSS6AI score0.0113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:9 p.m.6 views

CVE-2018-18671

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board head contents" parameter, aka the adm/boardformupdate.php bomobilecontenthead parameter...

6.1CVSS6AI score0.01521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:53 a.m.6 views

CVE-2009-4039

Cross-site scripting XSS vulnerability in Piwigo before 2.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.9AI score0.01913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:53 a.m.5 views

CVE-2009-4398

Cross-site scripting XSS vulnerability in the Parish of the Holy Spirit Religious Art Gallery hsreligiousartgallery extension 0.1.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00855EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:53 a.m.5 views

CVE-2009-4839

Multiple cross-site scripting XSS vulnerabilities in Basic Analysis and Security Engine BASE, possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 admin/baseroleadmin.php, 2 admin/baseuseradmin.php, 3 baseconfcontents.php, 4...

4.3CVSS6AI score0.01083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:52 a.m.10 views

CVE-2009-4518

Cross-site scripting XSS vulnerability in the Insert Node module 5.x before 5.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via an inserted node...

4.3CVSS6AI score0.01065EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:52 a.m.7 views

CVE-2009-4859

Multiple cross-site scripting XSS vulnerabilities in Online Work Order Suite OWOS Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 default.asp and 2 report.asp, and the 3 go parameter to login.asp...

4.3CVSS6AI score0.00929EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:52 a.m.8 views

CVE-2009-4688

Multiple cross-site scripting XSS vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote attackers to inject arbitrary web script or HTML via the 1 txtkeywords and 2 cid parameters...

4.3CVSS6.1AI score0.03081EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:51 a.m.9 views

CVE-2009-4989

Cross-site scripting XSS vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action...

4.3CVSS5.9AI score0.01484EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:51 a.m.7 views

CVE-2009-4972

Cross-site scripting XSS vulnerability in index.php aka the log in page in SimpleID before 0.6.5 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.9AI score0.01065EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:50 a.m.9 views

CVE-2009-4852

Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...

4.3CVSS6AI score0.01033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:50 a.m.7 views

CVE-2009-4717

Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...

4.3CVSS6AI score0.01303EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:49 a.m.6 views

CVE-2009-4586

Multiple cross-site scripting XSS vulnerabilities in index.html in Wowd client before 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 sortby, 2 tags, or 3 ctx parameter in a search action...

4.3CVSS6AI score0.01097EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:48 a.m.6 views

CVE-2009-4157

Multiple cross-site scripting XSS vulnerabilities in index.php in the ProofReader comproofreader component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in 1 404 or 2 error pages...

4.3CVSS6AI score0.01189EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:48 a.m.3 views

CVE-2009-4391

Cross-site scripting XSS vulnerability in the File list drblob extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00855EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:48 a.m.7 views

CVE-2009-4346

Cross-site scripting XSS vulnerability in the Frontend news submitter with RTE fertenews extension 1.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00845EPSS
Exploits0References1
Rows per page
Query Builder