Total
44191 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4698 | 1 Apple | 1 Safari | 2026-04-23 | N/A |
| Apple Safari 3 before Beta Update 3.0.4 on Windows, and Mac OS X 10.4 through 10.4.10, allows remote attackers to conduct cross-site scripting (XSS) attacks by causing JavaScript events to be associated with the wrong frame. | ||||
| CVE-2008-2127 | 1 Cms Faethon | 1 Cms Faethon | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in CMS Faethon 2.2 Ultimate allows remote attackers to inject arbitrary web script or HTML via the what parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-4745 | 2 Joomla, Mambo | 2 Akobook, Mambo Site Server | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the AkoBook 3.42 and earlier component (com_akobook) for Mambo allow remote attackers to inject arbitrary web script or HTML via Javascript events in the (1) gbmail and (2) gbpage parameters in the sign function. | ||||
| CVE-2007-4554 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in tiki-remind_password.php in Tikiwiki (aka Tiki CMS/Groupware) 1.9.7 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: this issue might be related to CVE-2006-2635.7. | ||||
| CVE-2008-4174 | 1 Benjamin Kuz | 1 Dynamic Mp3 Lister | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dynamic MP3 Lister 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) currentpath, (2) invert, (3) search, and (4) sort parameters. | ||||
| CVE-2007-3758 | 2 Apple, Microsoft | 5 Iphone Os, Mac Os X, Safari and 2 more | 2026-04-23 | N/A |
| Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and in Mac OS X 10.4 through 10.4.10, allows remote attackers to set Javascript window properties for web pages that are in a different domain, which can be leveraged to conduct cross-site scripting (XSS) attacks. | ||||
| CVE-2008-5584 | 1 Projectpier | 1 Projectpier | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ProjectPier 0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a message, (2) a milestone, or (3) a display name in a profile, or the (4) a or (5) c parameter to index.php. | ||||
| CVE-2008-6503 | 1 Prestashop | 1 Prestashop | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PrestaShop 1.1.0.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) admin/login.php and (2) order.php. | ||||
| CVE-2007-3910 | 1 Bandersnatch | 1 Bandersnatch | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows remote attackers to inject arbitrary JavaScript via a Jabber resource name and possibly other data items, which are stored in conversation logs. | ||||
| CVE-2007-4040 | 1 Microsoft | 2 Outlook, Outlook Express | 2026-04-23 | 8.8 High |
| Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handling process, a similar issue to CVE-2007-3670. | ||||
| CVE-2007-6728 | 1 Xmb Forum | 1 Xmb | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in XMB 1.5 allows remote attackers to inject arbitrary web script or HTML via the MSN field during user registration. | ||||
| CVE-2007-2206 | 1 Ripe Website Manager | 1 Ripe Website Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a leading "<"<" in the ripeformpost parameter. | ||||
| CVE-2007-2391 | 1 Apple | 1 Safari | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Apple Safari Beta 3.0.1 for Windows allows remote attackers to inject arbitrary web script or HTML via a web page that includes a windows.setTimeout function that is activated after the user has moved from the current page. | ||||
| CVE-2007-4139 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Temporary Uploads editing functionality (wp-admin/includes/upload.php) in WordPress 2.2.1, allows remote attackers to inject arbitrary web script or HTML via the style parameter to wp-admin/upload.php. | ||||
| CVE-2006-6096 | 1 Dotnetindex | 1 Active News Manager | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in activenews_search.asp in ActiveNews Manager allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2006-6163 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters. | ||||
| CVE-2006-6401 | 1 Mystats | 1 Mystats | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in MyStats 1.0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) connexion, (2) by, and (3) details parameter. | ||||
| CVE-2007-1905 | 1 Pineapple Technologies | 1 Quizshock | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via encoded special characters in the forward_to parameter, as demonstrated using "<"<". | ||||
| CVE-2006-6746 | 1 Dreaxteam | 1 Xt-news | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Xt-News 0.1 allow remote attackers to inject arbitrary web script or HTML via the id_news parameter to (1) add_comment.php or (2) show_news.php. | ||||
| CVE-2006-6882 | 1 Golden Book | 1 Golden Book | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in golden book allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||