CWE-79 CVEs and Security Vulnerabilities

Filtered by CWE-79

Search

Switch to Advanced Search (Beta)

Total 43891 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2009-1775	1 Ulteo	1 Open Virtual Desktop	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Ulteo Open Virtual Desktop 1.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) admin/applications.php, (2) admin/appsgroup.php, (3) admin/users.php, (4) admin/usersgroup.php, and (5) admin/tasks.php; (6) show parameter to admin/logs.php; and (7) mode parameter to admin/configuration-partial.php. NOTE: some of these details are obtained from third party information.
CVE-2008-6416	1 Greensql	1 Greensql-console	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL-Console before 0.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "internal pages."
CVE-2008-6433	1 Blueriver	1 Sava Cms	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.cfm in Blue River Interactive Group Sava CMS before 5.0.122 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action.
CVE-2008-6436	1 Xerox	1 Workcentre	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the Web Server in Xerox WorkCentre 7132, 7228, 7235, and 7245 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-1785	1 Ulteo	1 Open Virtual Desktop	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Ulteo Open Virtual Desktop 1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter to header.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6465	1 Parallels	1 H-sphere	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters.
CVE-2008-6476	1 Dotnetblogengine	1 Blogengine.net	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote attackers to inject arbitrary web script or HTML via the q parameter.
CVE-2009-1796	1 Sun	1 Java System Portal Server	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to an error page.
CVE-2008-6501	1 Prochatrooms	1 Pro Chat Rooms	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro Chat Rooms 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the gud parameter.
CVE-2009-2424	1 Clone2009	1 Ebay Clone	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in search.php in Ebay Clone 2009 allows remote attackers to inject arbitrary web script or HTML via the mode parameter.
CVE-2009-1811	1 Collector	1 Mygesuad	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to inject arbitrary web script or HTML via (1) the Page parameter in a List action to modules/ereignis.php, (2) the Kontext parameter in a Search action to modules/kategorie.php, (3) the image parameter to modules/image.php, or (4) the ID parameter in a Detail action to modules/sitzung.php.
CVE-2008-6529	1 Ezonescripts	1 Living Local	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in listtest.php in eZoneScripts Living Local 1.1 allows remote attackers to inject arbitrary web script or HTML via the r parameter.
CVE-2008-6550	1 Davidbourrier	1 Glossaire	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire 2.0 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6565	1 Invision Power Services	1 Invision Power Board	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature.
CVE-2008-6571	1 Linpha	1 Linpha	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via (1) new_images.php, (2) login.php, and unspecified vectors.
CVE-2009-1820	1 2daybiz	1 Custom T-shirt Design Script	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2008-6597	1 Phpcredo	1 Phcdownload	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in upload/install/index.php in PHCDownload 1.1 allows remote attackers to inject arbitrary web script or HTML via the step parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6607	1 Matpo	1 Matpo Link	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in view.php in MatPo Link 1.2 Beta allows remote attackers to inject arbitrary web script or HTML via the thema parameter.
CVE-2008-6609	1 Ott	1 Phpcksec	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
CVE-2008-6616	1 Zen-cart	1 Zen Cart	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

« first previous Page 284 of 2195. next last »