Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-04 | CVE-2008-6047 | Cross-Site Scripting vulnerability in Adbnewssender Cross-site scripting (XSS) vulnerability in ADbNewsSender before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) subscribing and (2) unsubscribing. | 4.3 |
| 2009-02-03 | CVE-2009-0413 | Cross-Site Scripting vulnerability in Roundcube Webmail 0.2 Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message. | 4.3 |
| 2009-02-03 | CVE-2009-0404 | Cross-Site Scripting vulnerability in Bioinformatics Htmlawed Multiple cross-site scripting (XSS) vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via invalid Cascading Style Sheets (CSS) expressions in the style attribute, which is processed by Internet Explorer 7. | 4.3 |
| 2009-02-03 | CVE-2008-6041 | Cross-Site Scripting vulnerability in Dataspade 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Index.asp in Dataspade 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) ViewName, (2) TableName, (3) OrderBy, and (4) FilterField parameters. | 4.3 |
| 2009-02-03 | CVE-2008-6035 | Cross-Site Scripting vulnerability in Achievo 1.3.2 Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2-STABLE allows remote attackers to inject arbitrary web script or HTML via the atknodetype parameter. | 4.3 |
| 2009-02-03 | CVE-2008-6034 | Cross-Site Scripting vulnerability in Achievo 1.3.2 Cross-site scripting (XSS) vulnerability in dispatch.php in Achievo 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the atkaction parameter. | 4.3 |
| 2009-02-03 | CVE-2008-6027 | Cross-Site Scripting vulnerability in Bluepage CMS 2.4.0 Multiple cross-site scripting (XSS) vulnerabilities in index.php in BLUEPAGE CMS 2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) whl, (2) var_1, and (3) search parameters. | 4.3 |
| 2009-02-03 | CVE-2009-0393 | Cross-Site Scripting vulnerability in Motorola Cpei300 Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows remote authenticated users to inject arbitrary web script or HTML via the page parameter. | 3.5 |
| 2009-02-02 | CVE-2009-0273 | Cross-Site Scripting vulnerability in Novell Groupwise Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments. | 4.3 |
| 2009-02-02 | CVE-2009-0378 | Cross-Site Scripting vulnerability in Joomla COM Beamospetition 1.0.12 Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action. | 4.3 |