CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20041 matches found

RedhatCVE•added 2026/01/09 11:53 a.m.•4 views

CVE-2009-4839

Multiple cross-site scripting XSS vulnerabilities in Basic Analysis and Security Engine BASE, possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 admin/baseroleadmin.php, 2 admin/baseuseradmin.php, 3 baseconfcontents.php, 4...

4.3CVSS6AI score0.01083EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:53 a.m.•9 views

CVE-2009-4497

Cross-site scripting XSS vulnerability in LXR Cross Referencer 0.9.5 and 0.9.6 allows remote attackers to inject arbitrary web script or HTML via the i parameter to the ident program...

4.3CVSS5.8AI score0.03221EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:53 a.m.•6 views

CVE-2009-4149

Cross-site scripting XSS vulnerability in the web interface in CA Service Desk 12.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...

4.3CVSS5.9AI score0.00845EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:53 a.m.•7 views

CVE-2009-4707

Cross-site scripting XSS vulnerability in the Gobernalia Front End News Submitter gbfenewssubmit extension 0.1.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00855EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:53 a.m.•7 views

CVE-2009-4842

Multiple cross-site scripting XSS vulnerabilities in ToutVirtual VirtualIQ Pro 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the 1 addNewDept, 2 deptId, or 3 deptDesc parameter to tvserver/server/user/addDepartment.jsp; or the 4 firstName, 5 lastName, or 6 email...

4.3CVSS5.8AI score0.00855EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:52 a.m.•8 views

CVE-2009-4518

Cross-site scripting XSS vulnerability in the Insert Node module 5.x before 5.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via an inserted node...

4.3CVSS6AI score0.01065EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:52 a.m.•4 views

CVE-2009-4859

Multiple cross-site scripting XSS vulnerabilities in Online Work Order Suite OWOS Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 default.asp and 2 report.asp, and the 3 go parameter to login.asp...

4.3CVSS6AI score0.00929EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:52 a.m.•6 views

CVE-2009-4688

Multiple cross-site scripting XSS vulnerabilities in index.php in PHP Shopping Cart Selling Website Script allow remote attackers to inject arbitrary web script or HTML via the 1 txtkeywords and 2 cid parameters...

4.3CVSS6.1AI score0.0307EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:51 a.m.•7 views

CVE-2009-4910

Cross-site scripting XSS vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCsq78418...

4.3CVSS6AI score0.00855EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:51 a.m.•7 views

CVE-2009-4989

Cross-site scripting XSS vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action...

4.3CVSS5.9AI score0.01513EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:51 a.m.•5 views

CVE-2009-4972

Cross-site scripting XSS vulnerability in index.php aka the log in page in SimpleID before 0.6.5 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.9AI score0.01065EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:51 a.m.•5 views

CVE-2009-4990

Cross-site scripting XSS vulnerability in the Webform report module 5.x and 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a submission...

4.3CVSS5.9AI score0.01042EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:51 a.m.•6 views

CVE-2009-4963

Cross-site scripting XSS vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.5AI score0.00833EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:50 a.m.•7 views

CVE-2009-4852

Multiple cross-site scripting XSS vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from...

4.3CVSS6AI score0.01033EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:50 a.m.•5 views

CVE-2009-4717

Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...

4.3CVSS6AI score0.01292EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:49 a.m.•14 views

CVE-2009-4038

Multiple cross-site scripting XSS vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 allow remote attackers to inject arbitrary web script or HTML via the 1 onok or 2 oncancel parameter to the logon program. NOTE: the provenance of this information is unknown; the details are obtained...

4.3CVSS5.8AI score0.0194EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:49 a.m.•7 views

CVE-2009-4999

Cross-site scripting XSS vulnerability in the Workplace aka WP component in IBM FileNet P8 Application Engine P8AE 3.5.1 before 3.5.1-016 allows remote attackers to inject arbitrary web script or HTML via the Name field...

4.3CVSS5.8AI score0.00845EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:49 a.m.•5 views

CVE-2009-4047

Multiple cross-site scripting XSS vulnerabilities in PHD Help Desk 1.43 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to area.php; the 2 pagina, 3 sentido, 4 qregistros, and 5 orden parameters to area.php; 6 the qregistros parameter to solicdisplay.php; 7 the...

4.3CVSS5.9AI score0.01943EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:49 a.m.•3 views

CVE-2009-4164

Cross-site scripting XSS vulnerability in the simple Glossar simpleglossar extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.00855EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:49 a.m.•4 views

CVE-2009-4586

Multiple cross-site scripting XSS vulnerabilities in index.html in Wowd client before 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 sortby, 2 tags, or 3 ctx parameter in a search action...

4.3CVSS6AI score0.01097EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by