Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-04 | CVE-2007-5211 | Cross-Site Scripting vulnerability in Arbor Networks Peakflow SP 3.5.1/3.6.1 Multiple cross-site scripting (XSS) vulnerabilities in Arbor Networks Peakflow SP 3.5.1 before patch 14, and 3.6.1 before patch 5, when scope accounts are enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving GET or POST requests. | 4.3 |
| 2007-10-03 | CVE-2007-5183 | Cross-Site Scripting vulnerability in Megasol Odysseysuite Cross-site scripting (XSS) vulnerability in Mailbox.mws in OdysseySuite, possibly 4.0.729, allows remote attackers to inject arbitrary web script or HTML via the idkey parameter. | 4.3 |
| 2007-10-03 | CVE-2007-5182 | Cross-Site Scripting vulnerability in Netkamp Emlak Scripti Cross-site scripting (XSS) vulnerability in mail.asp in Netkamp Emlak Scripti allows remote attackers to inject arbitrary web script or HTML via the (1) Email parameter, and possibly the (2) Ad, (3) Soyad, (4) Konu, and (5) Mesaj parameters to iletisim.asp. | 4.3 |
| 2007-10-03 | CVE-2007-5179 | Cross-Site Scripting vulnerability in Y&K Iletisim Formu Y&K Iletisim Formu Multiple cross-site scripting (XSS) vulnerabilities in iletisim.asp in Y&K Iletisim Formu allow remote attackers to inject arbitrary web script or HTML via the (1) ad, (2) sehir, (3) yas, (4) cins, (5) tel, (6) mail, and (7) mesaj parameters. | 4.3 |
| 2007-10-03 | CVE-2007-5176 | Cross-Site Scripting vulnerability in Grouplink Ehelpdesk 6.2.2 Multiple cross-site scripting (XSS) vulnerabilities in GroupLink eHelpDesk 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) NA_DISPLAYNAME parameter in helpdesk/user/rf_create.jsp and the (2) username and (3) LDAPError parameters in index2.jsp. | 4.3 |
| 2007-10-01 | CVE-2007-5161 | Cross-Site Scripting vulnerability in I-Systems Inc. Feedreader 3.10 Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remote attackers to inject arbitrary web script or HTML via an item in a feed, as demonstrated by a WordPress blog update. | 4.3 |
| 2007-09-28 | CVE-2007-5142 | Cross-Site Scripting vulnerability in Solidweb Novus 1.0 Cross-site scripting (XSS) vulnerability in buscar.asp in Solidweb Novus 1.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter. | 4.3 |
| 2007-09-28 | CVE-2007-5136 | Cross-Site Scripting vulnerability in Dragonfrugal DFD Cart Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2007-09-27 | CVE-2007-3761 | Cross-site Scripting vulnerability in Apple Safari Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1 allows remote attackers to inject arbitrary web script or HTML by causing Javascript events to be applied to a frame in another domain. | 4.3 |
| 2007-09-27 | CVE-2007-3760 | Cross-site Scripting vulnerability in Apple Safari Cross-site scripting (XSS) vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to inject arbitrary web script or HTML via frame tags. | 4.3 |