Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2008-3404

    Cross-site scripting (XSS) vulnerability in guestbook.js.php in MJGuest 6.8 GT allows remote attackers to inject arbitrary web script or HTML via the link parameter.... Read more

    Affected Products : mjguest
    • Published: Jul. 31, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-3180

    Multiple cross-site scripting (XSS) vulnerabilities in upload/file/language_menu.php in ContentNow CMS 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) pageid parameter or (2) PATH_INFO.... Read more

    Affected Products : contentnow_cms
    • Published: Jul. 15, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2939

    Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web scr... Read more

    • Published: Aug. 06, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2398

    Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.... Read more

    Affected Products : appserv
    • Published: May. 21, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2333

    Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter.... Read more

    Affected Products : barracuda_spam_firewall
    • Published: May. 23, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2965

    Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter.... Read more

    Affected Products : jaxultrabb
    • Published: Jul. 02, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2962

    Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.... Read more

    Affected Products : myblog
    • Published: Jul. 02, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2414

    Cross-site scripting (XSS) vulnerability in send_email.php in AN Guestbook (ANG) 0.4 allows remote attackers to inject arbitrary web script or HTML via the postid parameter.... Read more

    Affected Products : an_guestbook
    • Published: May. 22, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2344

    Cross-site scripting (XSS) vulnerability in the air_filemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : air_filemanager
    • Published: May. 19, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-3098

    Cross-site scripting (XSS) vulnerability in admin/usercheck.php in fuzzylime (cms) before 3.03 allows remote attackers to inject arbitrary web script or HTML via the user parameter to the login form.... Read more

    Affected Products : fuzzylime_cms
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-3088

    Cross-site scripting (XSS) vulnerability in the Files module in Kasseler CMS 1.3.0 and 1.3.1 Lite allows remote attackers to inject arbitrary web script or HTML via the cid parameter in a Category action to index.php.... Read more

    Affected Products : kasseler_cms
    • Published: Jul. 09, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2006-0472

    Cross-site scripting (XSS) vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.... Read more

    Affected Products : my_little_guestbook
    • Published: Jan. 31, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2008-3101

    Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) the parenttab parameter in an index action to the Products module, as reachable through index.php; (2) the user_p... Read more

    Affected Products : vtiger_crm
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-3082

    Cross-site scripting (XSS) vulnerability in UPM/English/login/login.asp in Commtouch Enterprise Anti-Spam Gateway 4 and 5 allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter.... Read more

    Affected Products : enterprise_anti-spam_gateway
    • Published: Jul. 09, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-3061

    Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the to parameter.... Read more

    Affected Products : v-webmail
    • Published: Oct. 08, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-1536

    Cross-site scripting (XSS) vulnerability in index.php in Pictures Pro (aka Tim Grissett) Photo Cart 4.1 allows remote attackers to inject arbitrary web script or HTML via the amessage parameter. NOTE: some of these details are obtained from third party i... Read more

    Affected Products : picturespro_photo_cart
    • Published: Mar. 28, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2980

    Multiple cross-site scripting (XSS) vulnerabilities in HomePH Design 2.10 RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) error_meldung parameter to admin/features/register/register.php, the (2) feature_language[ueberschrift]... Read more

    Affected Products : homeph_design
    • Published: Jul. 02, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-2413

    Cross-site scripting (XSS) vulnerability in glossaire.php in ACGV News 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.... Read more

    Affected Products : acgv_news
    • Published: May. 22, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-3029

    Cross-site scripting (XSS) vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : wec_discussion_forum wec_discussion
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025

  • 4.3

    MEDIUM
    CVE-2008-1550

    Multiple cross-site scripting (XSS) vulnerabilities in index.php in CubeCart 4.2.1 allow remote attackers to inject arbitrary web script or HTML via (1) the _a parameter in a searchStr action and the (2) Submit parameter.... Read more

    Affected Products : cubecart
    • Published: Mar. 31, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 293627 Results