Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-01-30 | CVE-2009-0204 | Cross-Site Scripting vulnerability in HP Select Access 6.1/6.2 Cross-site scripting (XSS) vulnerability in HP Select Access 6.1 and 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-01-29 | CVE-2009-0338 | Cross-Site Scripting vulnerability in Dmxready Blog Manager NIL Cross-site scripting (XSS) vulnerability in inc_webblogmanager.asp in DMXReady Blog Manager allows remote attackers to inject arbitrary web script or HTML via the CategoryID parameter in a refer action. | 4.3 |
2009-01-29 | CVE-2009-0335 | Cross-Site Scripting vulnerability in Katywhitton Blogit! NIL Cross-site scripting (XSS) vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to inject arbitrary web script or HTML via the view parameter. | 4.3 |
2009-01-28 | CVE-2008-3358 | Cross-Site Scripting vulnerability in SAP Netweaver Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document. | 4.3 |
2009-01-28 | CVE-2008-6004 | Cross-Site Scripting vulnerability in AJ Square AJ Auction 2.0 Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter. | 4.3 |
2009-01-28 | CVE-2008-5999 | Cross-Site Scripting vulnerability in Drupal Ajax Checklist 5.X1.0 Cross-site scripting (XSS) vulnerability in the Ajax Checklist module 5.x before 5.x-1.1 for Drupal allows remote authenticated users, with create and edit permissions for posts, to inject arbitrary web script or HTML via unspecified vectors involving the ajax_checklist filter. | 3.5 |
2009-01-28 | CVE-2008-5996 | Cross-Site Scripting vulnerability in Link3 Simplenews Cross-site scripting (XSS) vulnerability in the Simplenews module 5.x before 5.x-1.5 and 6.x before 6.x-1.0-beta4, a module for Drupal, allows remote authenticated users, with "administer taxonomy" permissions, to inject arbitrary web script or HTML via a Newsletter category field. | 3.5 |
2009-01-28 | CVE-2008-5995 | Cross-Site Scripting vulnerability in Typo3 Freecap Captcha Extension 1.0.0/1.0.1/1.0.2 Cross-site scripting (XSS) vulnerability in the freeCap CAPTCHA (sr_freecap) extension before 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-01-28 | CVE-2008-5994 | Cross-Site Scripting vulnerability in Checkpoint Connectra NGX R62 Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | 4.3 |
2009-01-28 | CVE-2009-0312 | Cross-Site Scripting vulnerability in Moinmoin 1.7.0/1.8.1 Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content. | 4.3 |