Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-07-31 | CVE-2008-3391 | Cross-Site Scripting vulnerability in Webwizguide web WIZ Forum 9.5 Multiple cross-site scripting (XSS) vulnerabilities in Web Wiz Forum 9.5 allow remote attackers to inject arbitrary web script or HTML via the mode parameter to (1) admin_group_details.asp and (2) admin_category_details.asp. | 4.3 |
2008-07-30 | CVE-2008-3381 | Cross-Site Scripting vulnerability in Moinmoin 1.6.3/1.7.0 Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2008-07-30 | CVE-2008-3380 | Cross-Site Scripting vulnerability in Myiosoft Easybookmarker 4.0 Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the rs parameter. | 4.3 |
2008-07-30 | CVE-2008-3379 | Cross-Site Scripting vulnerability in Snarky Visualpic 0.3.1 Cross-site scripting (XSS) vulnerability in Snark VisualPic 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the pic parameter to the default URI. | 4.3 |
2008-07-30 | CVE-2008-3367 | Cross-Site Scripting vulnerability in Webwizguide web WIZ Rich Text Editor 3/4.0/4.01 Cross-site scripting (XSS) vulnerability in RTE_popup_link.asp in Web Wiz Rich Text Editor (RTE) 3.x and 4.x before 4.03 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | 4.3 |
2008-07-29 | CVE-2008-3100 | Cross-Site Scripting vulnerability in OWL Intranet Knowledgebase 0.94 Cross-site scripting (XSS) vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php. | 4.3 |
2008-07-28 | CVE-2008-3348 | Cross-Site Scripting vulnerability in Myiosoft Easydynamicpages 3.0 Cross-site scripting (XSS) vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote attackers to inject arbitrary web script or HTML via the year parameter. | 4.3 |
2008-07-28 | CVE-2008-3344 | Cross-Site Scripting vulnerability in Myiosoft Easye-Cards 3.10/3.5 Multiple cross-site scripting (XSS) vulnerabilities in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a allow remote attackers to inject arbitrary web script or HTML via the (1) ResultHtml, (2) dir, (3) SenderName, (4) RecipientName, (5) SenderMail, and (6) RecipientMail parameters. | 4.3 |
2008-07-28 | CVE-2008-3342 | Cross-Site Scripting vulnerability in Myiosoft Easypublish 3.0 Cross-site scripting (XSS) vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr allows remote attackers to inject arbitrary web script or HTML via the read parameter in an edp_News action. | 4.3 |
2008-07-28 | CVE-2008-3340 | Cross-Site Scripting vulnerability in Jobbex Jobsite Cross-site scripting (XSS) vulnerability in search_result.cfm in Jobbex JobSite allows remote attackers to inject arbitrary web script or HTML via the searchFor variable (possibly the opt parameter.) | 4.3 |