CVE & Exploit Intelligence Database

Updated 29m ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,223 CVEs tracked 53,283 with exploits 4,731 exploited in wild 1,542 CISA KEV 3,930 Nuclei templates 37,826 vendors 42,577 researchers

42,457 results Clear all

CVE-2008-2274 EPSS 0.00

Typo3 SR Feuser Register Extension - XSS

Cross-site scripting (XSS) vulnerability in the sr_feuser_register 1.4.0, 1.6.0, 2.2.1 to 2.2.7, 2.3.0 to 2.3.6, 2.4.0, and 2.5.0 to 2.5.9 extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 May 16, 2008

CVE-2008-2264 1 PoC Analysis EPSS 0.00

Oued Cyrixmed - XSS

Cross-site scripting (XSS) vulnerability in index.php in CyrixMED 1.4 allows remote attackers to inject arbitrary web script or HTML via the msg_erreur parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CWE-79 May 16, 2008

CVE-2008-2165 EPSS 0.01

Cisco Building Broadband Service Manager - XSS

Cross-site scripting (XSS) vulnerability in AccessCodeStart.asp in Cisco Building Broadband Service Manager (BBSM) Captive Portal 5.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

CWE-79 May 16, 2008

CVE-2008-2219 1 PoC Analysis EPSS 0.00

Cross-site scripting (XSS) vulnerability in install.php in C-News.fr C-News 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the etape parameter.

CWE-79 May 14, 2008

CVE-2008-2206 EPSS 0.00

Maianscriptworld Maian Music - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Maian Music 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter in a search action to index.php, and the (2) msg_script parameter to admin/inc/footer.php.

CWE-79 May 14, 2008

CVE-2008-2204 EPSS 0.00

Maianscriptworld Maian Search - XSS

Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Search 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) header, (2) header2, (3) header3, (4) header4, (5) header5, (6) header6, (7) header7, (8) header8, and (9) header9 parameters.

CWE-79 May 14, 2008

CVE-2008-2211 EPSS 0.00

Maianscriptworld Maian Guestbook - XSS

Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Guestbook 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters.

CWE-79 May 14, 2008

CVE-2008-2209 EPSS 0.00

Maianscriptworld Maian Greeting - XSS

Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Greeting 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script and (2) msg_script2 parameters.

CWE-79 May 14, 2008

CVE-2008-2196 1 PoC Analysis EPSS 0.00

Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the newBlogUserName parameter in an addBlogUser action, a different vector than CVE-2008-2178.

CWE-79 May 14, 2008

CVE-2008-2202 3 PoCs Analysis EPSS 0.00

Maianscriptworld Maian Uploader - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action.

CWE-79 May 14, 2008

CVE-2008-2213 EPSS 0.00

Maianscriptworld Maian Links - XSS

Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/footer.php in Maian Links 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script2 and (2) msg_script3 parameters.

CWE-79 May 14, 2008

CVE-2008-2212 EPSS 0.00

Maianscriptworld Maian Cart - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Maian Cart 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_adminheader, (2) msg_adminheader2, (3) msg_adminheader3, (4) msg_adminheader4, and unspecified other parameters to admin/inc/header.php; the (5) msg_script3 and unspecified other parameters to admin/inc/footer.php; and the (6) keywords parameter to index.php in a search action.

CWE-79 May 14, 2008

CVE-2008-2210 EPSS 0.00

Maianscriptworld Maian Support - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Maian Support 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_script, (2) msg_script2, and (3) msg_script3 parameters to admin/inc/footer.php; and the (4) msg_script2 parameter to admin/inc/header.php.

CWE-79 May 14, 2008

CVE-2008-2207 EPSS 0.00

Maianscriptworld Maian Gallery - XSS

Cross-site scripting (XSS) vulnerability in admin/index.php in Maian Gallery 2.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action.

CWE-79 May 14, 2008

CVE-2008-2201 EPSS 0.00

Maianscriptworld Maian Recipe - XSS

Multiple cross-site scripting (XSS) vulnerabilities in admin/inc/header.php in Maian Recipe 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) header, (2) header2, (3) header3, (4) header4, (5) header5, (6) header6, (7) header7, (8) header8, and (9) header9 parameters.

CWE-79 May 14, 2008

CVE-2008-2200 EPSS 0.00

Maianscriptworld Maian Weblog - XSS

Multiple cross-site scripting (XSS) vulnerabilities in Maian Weblog 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter to admin/index.php in a blogs search action, the (2) msg_charset and (3) msg_header9 parameters to admin/inc/header.php, and the (4) keywords parameter to index.php in a search action.

CWE-79 May 14, 2008

CVE-2007-5803 EPSS 0.00

Nagios <2.12 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360.

CWE-79 May 13, 2008

CVE-2008-2187 1 PoC Analysis EPSS 0.01

Mdsjack Mjguest - XSS

Cross-site scripting (XSS) vulnerability in mjguest.php in Mjguest 6.7 GT Rev.01 allows remote attackers to inject arbitrary web script or HTML via the level parameter in a redirect action, possibly involving interface/redirect.htm.php.

CWE-79 May 13, 2008

CVE-2008-2179 EPSS 0.00

Ilient Sysaid - XSS

Cross-site scripting (XSS) vulnerability in SystemList.jsp in SysAid 5.1.08 allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CWE-79 May 13, 2008

CVE-2008-2178 EPSS 0.01

Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the searchTerms parameter in an editArticleCategories operation (aka an admin category search).

CWE-79 May 13, 2008