Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-09 | CVE-2007-5312 | Cross-Site Scripting vulnerability in Torrenttrader 1.07 Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 allows remote attackers to inject arbitrary web script or HTML via the (1) color parameter to pjirc/css.php and the (2) cat parameter to browse.php. | 4.3 |
| 2007-10-09 | CVE-2007-5304 | Cross-Site Scripting vulnerability in Yannick Tanguy Else IF CMS 0.6Beta Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote parameter to utilisateurs/votesresultats.php, and the (3) elseifforumtxtmenugeneraleduforum parameter to moduleajouter/depot/adminforum.php. | 4.3 |
| 2007-10-09 | CVE-2007-5303 | Cross-Site Scripting vulnerability in Snewscms RUS 2.1 Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS Rus 2.1 allows remote attackers to inject arbitrary web script or HTML via the page_id parameter. | 4.3 |
| 2007-10-09 | CVE-2007-5302 | Cross-Site Scripting vulnerability in HP Hp-Ux 11.11/11.23/11.31 Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2007-10-09 | CVE-2007-5297 | Cross-Site Scripting vulnerability in Minki 1.30 Cross-site scripting (XSS) vulnerability in index.php in Minki 1.30 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 4.3 |
| 2007-10-09 | CVE-2007-5296 | Cross-Site Scripting vulnerability in Livio Siri Dblist 8.1 Multiple cross-site scripting (XSS) vulnerabilities in dblisttest.asp in dbList 8.1 allow remote attackers to inject arbitrary web script or HTML via the (1) db, (2) pagesize, (3) sort, (4) strKeyWords, and (5) table parameters. | 4.3 |
| 2007-10-09 | CVE-2007-5293 | Cross-Site Scripting vulnerability in Idmos 1.0Beta Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta (aka Phoenix) allow remote attackers to inject arbitrary web script or HTML via the (1) err_msg parameter to error.php and the (2) content parameter to templates/simple/ia.php. | 2.6 |
| 2007-10-09 | CVE-2007-5292 | Cross-Site Scripting vulnerability in Splitside Directory Image Gallery 1.1 Cross-site scripting (XSS) vulnerability in photos.cfm in Directory Image Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the backwardDirectory parameter. | 4.3 |
| 2007-10-09 | CVE-2007-5291 | Cross-Site Scripting vulnerability in Daniel Broadbent DB Manager 2.0 Cross-site scripting (XSS) vulnerability in Edit.asp in DB Manager 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 4.3 |
| 2007-10-09 | CVE-2007-5290 | Cross-Site Scripting vulnerability in Afterlogic Mailbee Webmail Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and possibly MailBee WebMail Pro ASP before 3.4.64, WebMail Lite ASP before 4.0.11, and WebMail Lite PHP before 4.0.22; allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to login.php and the (2) mode2 parameter to default.asp in an advanced_login mode. | 4.3 |