Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Total 27423 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4326 2 Microsoft, Phpmyadmin 2 Internet Explorer, Phpmyadmin 2011-03-08 4.3 MEDIUM N/A
The PMA_escapeJsString function in libraries/js_escape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via a NUL byte inside a "</script" sequence.
CVE-2008-3516 1 Adobe 1 Presenter 2011-03-08 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in files generated by Adobe Presenter 6 and 7 before 7.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) viewer.swf and (2) loadflash.js, a different vulnerability than CVE-2008-3515.
CVE-2008-3515 1 Adobe 1 Presenter 2011-03-08 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in files generated by Adobe Presenter 6 and 7 before 7.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) viewer.swf and (2) loadflash.js, a different vulnerability than CVE-2008-3516.
CVE-2008-2991 1 Adobe 1 Robohelp Server 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Help Errors log.
CVE-2008-1663 1 Hp 1 System Management Homepage 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 on Linux and Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-1073 1 Internet Security Systems 1 Internet Scanner 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the report interface in Internet Security Systems (ISS) Internet Scanner 7.0 Service Pack 2 Build 7.2.2005.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-0902 2 Bea, Bea Systems 2 Weblogic Server, Weblogic Server 2011-03-08 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694.
CVE-2008-0899 1 Bea 1 Weblogic Server 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via URLs that are not properly handled by the Unexpected Exception Page.
CVE-2008-0869 2 Bea, Bea Systems 3 Weblogic Server, Weblogic Workshop, Weblogic 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic Workshop or Apache Beehive NetUI framework with page flows.
CVE-2008-0866 1 Bea 1 Weblogic Workshop 2011-03-08 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web script or HTML via an invalid action URI, which is not properly handled by NetUI page flows.
CVE-2008-0861 1 Ibm 1 Lotus Quickplace 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in leg/Main.nsf in IBM Lotus Quickplace 7.0 allows remote attackers to inject arbitrary web script or HTML via an h_SearchString sub-parameter in the PreSetFields parameter of an EditDocument action.
CVE-2008-0834 1 Ibm 1 Lotus Quickr 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-0826 1 Caroline 1 Caroline 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Claroline before 1.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-0717 1 Ibm 1 Websphere Edge Server 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Caching Proxy (CP) 5.1 through 6.1 in IBM WebSphere Edge Server, when CGI mapping rules are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger injection into an error response.
CVE-2008-0694 1 Ibm 1 Os 400 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the HTTP Server in IBM OS/400 V5R3M0 and V5R4M0 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header.
CVE-2008-0642 1 Adobe 1 Robohelp 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in files created by Adobe RoboHelp 6 and 7, possibly involving use of a (1) WebHelp5 (WebHelp5Ext) or (2) WildFire (WildFireExt) extension, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-1280.
CVE-2008-0622 1 Raidenhttpd 1 Raidenhttpd 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in RaidenHTTPD 2.0.19 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the ulang parameter.
CVE-2008-0576 1 Drupal 1 Project Issue Tracking Module 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Project Issue Tracking module 5.x-2.x-dev before 20080130 in the 5.x-2.x series, 5.x-1.2 and earlier in the 5.x-1.x series, 4.7.x-2.6 and earlier in the 4.7.x-2.x series, and 4.7.x-1.6 and earlier in the 4.7.x-1.x series for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors that write to summary table pages.
CVE-2008-0522 1 Hal Networks 3 Perl Cgi Cart, Php Cart, Shop Hal V1 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in multiple Hal Networks shopping-cart products allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-0400 2 Modern, Singapore 2 Modern, Singapore 2011-03-08 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in header.tpl.php in the modern template for Singapore 0.10.1 allows remote attackers to inject arbitrary web script or HTML via the gallery parameter to default.php.