Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4568 matches found

OSV
OSVadded 2009/08/26 2:24 p.m.1 views

DEBIAN-CVE-2009-2967

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

4.3CVSS5.8AI score0.00604EPSS
Exploits0References1
PyPA
PyPAadded 2009/08/26 2:24 p.m.5 views

PYSEC-2009-2

Multiple cross-site scripting XSS vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959...

4.3CVSS6AI score0.00604EPSS
Exploits0References9Affected Software1
PyPA
PyPAadded 2009/08/25 5:30 p.m.6 views

PYSEC-2009-1

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00467EPSS
Exploits0References8Affected Software1
OSV
OSVadded 2009/08/25 5:30 p.m.5 views

CVE-2009-2959

Cross-site scripting XSS vulnerability in the waterfall web status view status/web/waterfall.py in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score
Exploits0References9
OSV
OSVadded 2009/08/18 9:0 p.m.5 views

CVE-2009-2851

Cross-site scripting XSS vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

5.4AI score
Exploits0References14
Positive Technologies
Positive Technologiesadded 2009/08/17 12:0 a.m.2 views

PT-2009-5147 · Xoops · Xoops

Name of the Vulnerable Software and Affected Versions: XOOPS version 2.3.3 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. Specifically, the vulnerabilities are found in the op...

4.3CVSS6AI score0.07274EPSS
Exploits1References11
RedHat Linux
RedHat Linuxadded 2009/07/21 8:50 p.m.2 views

tomcat: XSS in Apache Tomcat calendar application

Cross-site scripting XSS vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...

4.3CVSS6.2AI score0.37304EPSS
Exploits1References4
OSV
OSVadded 2009/07/09 5:30 p.m.4 views

CVE-2009-1724

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects...

5.4AI score
Exploits0References14
OSV
OSVadded 2009/07/07 7:30 p.m.8 views

CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

5.8AI score
Exploits0References6
OSV
OSVadded 2009/07/07 7:30 p.m.1 views

DEBIAN-CVE-2009-2343

Cross-site scripting XSS vulnerability in people.php in Zoph before 0.7.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information...

4.3CVSS5.9AI score0.00357EPSS
Exploits0References1
CVE
CVEadded 2009/07/05 4:0 p.m.63 views

CVE-2009-2324

CVE-2009-2324 concerns FCKeditor prior to 2.6.4.1, which contains multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via components in the samples directory (aka _samples). The underlying issue is improper validation/escaping of input in the samples/connector...

4.3CVSS5.8AI score0.00254EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2009/06/25 11:14 p.m.2 views

CVE-2009-2219

Multiple cross-site scripting XSS vulnerabilities in phpCollegeExchange 0.1.5c allow remote attackers to inject arbitrary web script or HTML via the 1 SESSIONhandle parameter to a home.php, b books/allbooks.php, or c books/home.php; or the 2 home parameter to d ihead.php or e inav.php, or f...

4.3CVSS5.4AI score0.00313EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2009/06/23 4:30 p.m.2 views

CVE-2009-2170

Multiple cross-site scripting XSS vulnerabilities in Mahara 1.0 before 1.0.12 and 1.1 before 1.1.5 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

4.3CVSS5.4AI score0.00263EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2009/06/22 2:30 p.m.1 views

CVE-2009-2149

Multiple cross-site scripting XSS vulnerabilities in Campus Virtual-LMS allow remote attackers to inject arbitrary web script or HTML via the 1 courseid parameter to enrolments/step1.php, or the 2 search or 3 siteid parameter to files/sharedlist.php...

4.3CVSS5.4AI score0.00513EPSS
Exploits0References3
OSV
OSVadded 2009/06/10 6:0 p.m.7 views

CVE-2009-1702

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects...

5.4AI score
Exploits0References14
ATTACKERKB
ATTACKERKBadded 2009/06/10 6:0 p.m.4 views

CVE-2009-0239

Cross-site scripting XSS vulnerability in Windows Search 4.0 for Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted file that appears in a preview in a search result, aka "Script Execution in Windows Sear...

4.3CVSS5.6AI score0.30683EPSS
Exploits1References8
Positive Technologies
Positive Technologiesadded 2009/06/10 12:0 a.m.2 views

PT-2009-4182 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: Apple Safari versions prior to 4.0 iPhone OS versions 1.0 through 2.2.1 iPhone OS for iPod touch versions 1.1 through 2.2.1 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via vecto...

4.3CVSS5.3AI score0.00644EPSS
Exploits2References17
OSV
OSVadded 2009/04/29 6:30 p.m.6 views

CVE-2009-1482

Multiple cross-site scripting XSS vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 an AttachFile sub-action in the errormsg function or 2 multiple vectors related to package file errors in the uploadform...

5.4AI score
Exploits0References10
ATTACKERKB
ATTACKERKBadded 2009/04/21 6:30 p.m.0 views

CVE-2008-6733

Cross-site scripting XSS vulnerability in the error handling page in DotNetNuke 4.6.2 through 4.8.3 allows remote attackers to inject arbitrary web script or HTML via the querystring parameter...

4.3CVSS5.9AI score0.00357EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2009/04/14 5:14 p.m.2 views

php: XSS via PHP error messages

Cross-site scripting XSS vulnerability in PHP, possibly 5.2.7 and earlier, when displayerrors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208...

2.6CVSS5.9AI score0.02729EPSS
Exploits0References4
Rows per page
Query Builder