CWE-79 CVEs and Security Vulnerabilities

Filtered by CWE-79

Search

Switch to Advanced Search (Beta)

Total 43952 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2008-6406	1 Datalifecms	1 Datalife Engine	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in admin.php in DataLife Engine (DLE) 7.2 allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2008-6428	1 Kayalang	1 Kaya	2026-04-23	N/A
The CGI framework in Kaya 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVE-2008-6435	1 Phpsqlitecms	1 Phpsqlitecms	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpSQLiteCMS 1 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) lang[home], (2) lang[admin_menu], and (3) lang[admin_menu_page_overview] parameters to cms/includes/header.inc.php; and the (4) lang[login_username] and (5) lang[login_password] parameters to cms/includes/login.inc.php.
CVE-2008-6439	1 Abledating	1 Abledating	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in search_results.php in ABK-Soft AbleDating 2.4 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
CVE-2008-6450	1 Under Construction Baby	1 Pc2m	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6448	1 Skyarc	1 Mtcms Wysiwyg Editor	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in install.cgi in SKYARC System MTCMS WYSIWYG Editor allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6501	1 Prochatrooms	1 Pro Chat Rooms	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in profiles/index.php in Pro Chat Rooms 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the gud parameter.
CVE-2008-6515	1 Vclcomponents	1 Yappa-ng	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Fritz Berger yet another php photo album - next generation (yappa-ng) allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
CVE-2008-6550	1 Davidbourrier	1 Glossaire	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in glossaire.php in Glossaire 2.0 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6565	1 Invision Power Services	1 Invision Power Board	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature.
CVE-2008-6567	1 Gallarific	1 Gallarific	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Gallarific Free Edition allow remote attackers to inject arbitrary web script or HTML via (1) the e-mail address, (2) a comment, which is not properly handled during moderation, and (3) the tag parameter to gallery/tags.php.
CVE-2008-6570	1 Cybozu	1 Garoon	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in the RSS reader in Cybozu Garoon 2.0.0 through 2.1.3 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed.
CVE-2008-6571	1 Linpha	1 Linpha	2026-04-23	N/A
Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.3.4 might allow remote attackers to inject arbitrary web script or HTML via (1) new_images.php, (2) login.php, and unspecified vectors.
CVE-2008-6629	1 Webbdomain	1 Webshop Online	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2008-6646	1 Coronamatrix	1 Phpaddressbook	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in index.php in CoronaMatrix phpAddressBook 2.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2008-6654	1 Structum	1 Infobiz Server	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in search_results.php in InfoBiz Server allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2008-6681	1 Dojotoolkit	1 Dojo	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in dijit.Editor in Dojo before 1.1 allows remote attackers to inject arbitrary web script or HTML via XML entities in a TEXTAREA element.
CVE-2008-6683	1 Yourfreeworld	1 Apartment Search Script	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter.
CVE-2008-6757	1 Viart	1 Viart Shop	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in manuals_search.php in ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to inject arbitrary web script or HTML via the manuals_search parameter.
CVE-2008-6764	1 Hypersilence	1 Silentum Loginsys	2026-04-23	N/A
Cross-site scripting (XSS) vulnerability in login.php in Silentum LoginSys 1.0.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter.

« first previous Page 332 of 2198. next last »