Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-02-04 | CVE-2006-0533 | Cross-Site Scripting vulnerability in Cpanel Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter. | 4.3 |
2006-01-26 | CVE-2006-0442 | Cross-Site Scripting vulnerability in Mybb 1.0.2 Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in MyBulletinBoard (MyBB) 1.02 allow remote attackers to inject arbitrary web script or HTML via the (1) notepad parameter in a notepad action and (2) signature parameter in an editsig action. | 4.3 |
2006-01-22 | CVE-2006-0364 | Cross-Site Scripting vulnerability in Mybulletinboard Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via a signature containing a JavaScript URI in the SRC attribute of an IMG element, in which the URI uses SGML numeric character references without trailing semicolons, as demonstrated by "javascript". | 4.3 |
2006-01-18 | CVE-2006-0233 | Cross-Site Scripting vulnerability in Microblog 2.0Rc10 Cross-site scripting (XSS) vulnerability in functions.php in microBlog 2.0 RC-10 allows remote attackers to inject arbitrary web script and HTML via a javascript: URI in a [url] BBcode tag. | 4.3 |
2006-01-13 | CVE-2006-0208 | Cross-Site Scripting vulnerability in PHP Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message. | 2.6 |
2006-01-11 | CVE-2006-0175 | Cross-Site Scripting vulnerability in Webwiz web WIZ Forums 6.34 Cross-site scripting (XSS) vulnerability in search_form.asp in Web Wiz Forums 6.34 allows remote attackers to inject arbitrary web script or HTML via the search parameter. | 4.3 |
2006-01-09 | CVE-2006-0140 | Cross-Site Scripting vulnerability in Navboard 16/17 Cross-site scripting (XSS) vulnerability in post.php in NavBoard V16 Stable(2.6.0) and V17beta2 allows remote attackers to inject arbitrary web script or HTML via the (1) b, (2) textlarge, and (3) url bbcode tags. | 4.3 |
2006-01-06 | CVE-2006-0101 | Cross-Site Scripting vulnerability in Sblog Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 Beta 20051202 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p and (2) keyword parameters in (a) index.php and (b) search.php. | 4.3 |
2006-01-05 | CVE-2006-0063 | Cross-Site Scripting vulnerability in PHPbb Group PHPbb 2.0.19 Cross-site scripting (XSS) vulnerability in phpBB 2.0.19, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary web script or HTML via a permitted HTML tag with ' (single quote) characters and active attributes such as onmouseover, a variant of CVE-2005-4357. | 4.3 |
2005-12-31 | CVE-2005-4877 | Cross-Site Scripting vulnerability in Ignite Realtime Openfire 2.3.0 Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.3.0 Beta 2 allows remote attackers to inject arbitrary web script or HTML via Javascript events in the username parameter, a different vulnerability than CVE-2005-4876. | 4.3 |