Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2012-05-21	CVE-2012-2911	Cross-Site Scripting vulnerability in Silisoftware Backupdb() 1.2.7A Cross-site scripting (XSS) vulnerability in backupDB.php in SiliSoftware backupDB() 1.2.7a allows remote attackers to inject arbitrary web script or HTML via the onlyDB parameter. network silisoftware CWE-79	4.3
2012-05-21	CVE-2012-2910	Cross-Site Scripting vulnerability in Silisoftware PHPthumb() 1.7.11 Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware phpThumb() 1.7.11 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter to demo/phpThumb.demo.random.php or (2) title parameter to demo/phpThumb.demo.showpic.php. network silisoftware CWE-79	4.3
2012-05-21	CVE-2012-2909	Cross-Site Scripting vulnerability in Viscacha 0.8.1.1 Multiple cross-site scripting (XSS) vulnerabilities in Viscacha 0.8.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) text field in the Private Messages System, (2) Bad Word field in Zensur, or (3) Portal or (4) Topic field in Kommentar. network viscacha CWE-79	4.3
2012-05-21	CVE-2012-2907	Cross-Site Scripting vulnerability in Ishmael Sanchez Aberdeen 6.X1.10/6.X1.8/6.X1.9 Cross-site scripting (XSS) vulnerability in the aberdeen_breadcrumb function in template.php in the Aberdeen theme 6.x-1.x before 6.x-1.11 for Drupal, when set to append the content title to the breadcrumb, allows remote attackers to inject arbitrary web script or HTML via the content title in a breadcrumb. network high complexity ishmael-sanchez drupal CWE-79	2.6
2012-05-21	CVE-2012-2906	Cross-Site Scripting vulnerability in Artiphp CMS 5.5.0 Multiple cross-site scripting (XSS) vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo (r422) allow remote attackers to inject arbitrary web script or HTML via the (1) add_img_name_post, (2) asciiart_post, (3) expediteur, (4) titre_sav, or (5) z39d27af885b32758ac0e7d4014a61561 parameter. network artiphp CWE-79	4.3
2012-05-21	CVE-2012-2904	Cross-Site Scripting vulnerability in Longtailvideo JW Player 5.9 player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug parameter. network longtailvideo CWE-79	4.3
2012-05-21	CVE-2012-2903	Cross-Site Scripting vulnerability in Chatelao PHP Address Book Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to group.php, or the (2) target_language or (3) target_flag parameter to translate.php. network chatelao CWE-79	4.3
2012-05-21	CVE-2012-2901	Cross-Site Scripting vulnerability in Ryan Demmer Joomla Content Editor 2.0 Cross-site scripting (XSS) vulnerability in the Profile List in the Joomla Content Editor (JCE) component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the search parameter to administrator/index.php. network ryan-demmer joomla CWE-79	4.3
2012-05-15	CVE-2012-1247	Cross-Site Scripting vulnerability in Webcreate web Mart 1.7 Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML by leveraging support for Cascading Style Sheets (CSS) expressions. network high complexity webcreate CWE-79	2.6
2012-05-15	CVE-2012-1246	Cross-Site Scripting vulnerability in Webcreate web Mart 1.7 Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier might allow remote attackers to inject arbitrary web script or HTML via a crafted cookie. network webcreate CWE-79	4.3