CWE-79 CVEs and Security Vulnerabilities

Filtered by CWE-79

Search

Switch to Advanced Search (Beta)

Total 44179 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-6130	1 Mozilo	1 Mozilowiki	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters.
CVE-2008-6161	1 Sourceforge	1 Wow Raid Manager	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in WOW Raid Manager (WRM) before 3.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6190	1 Eeb-welt	1 Eebcms	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in EEBCMS 0.95 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
CVE-2008-6192	1 Sun	1 Java System Portal Server	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6200	1 Wiki	1 Swiki	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow remote attackers to inject arbitrary web script or HTML via (1) the query string and (2) a new wiki entry.
CVE-2008-6343	1 Typo3	2 Tu-clausthal Odin, Typo3	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc_odin) extension 0.0.1, 0.1.0, 0.1.1, and 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6340	2 Mathieu Vidal, Typo3	2 Mv Vox Populi, Typo3	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_populi) extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6346	2 Dennis Royer, Typo3	2 Dr Wiki, Typo3	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6351	1 Turnkeyforms	1 Local Classifieds	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to inject arbitrary web script or HTML via the r parameter.
CVE-2008-6396	1 Celerondude	1 Uploader	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in account.php in Celerondude Uploader 6.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-6428	1 Kayalang	1 Kaya	2026-04-23	N/A
The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVE-2008-6439	1 Abledating	1 Abledating	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
CVE-2008-6450	1 Under Construction Baby	1 Pc2m	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6448	1 Skyarc	1 Mtcms Wysiwyg Editor	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6515	1 Vclcomponents	1 Yappa-ng	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Fritz Berger yet another php photo album - next generation (yappa-ng) allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
CVE-2008-6533	1 Drupal	1 Drupal	2026-04-23	N/A
Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related content when an input format is deleted, which prevents the content from being properly filtered and allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVE-2008-6570	1 Cybozu	1 Garoon	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed.
CVE-2008-6571	1 Linpha	1 Linpha	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via (1) new_images.php, (2) login.php, and unspecified vectors.
CVE-2008-6597	1 Phpcredo	1 Phcdownload	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6600	1 Xmlportal	1 Xmlportal	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the search feature in XMLPortal 3.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter.

« first previous Page 342 of 2209. next last »