Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-20 | CVE-2007-5010 | Cross-Site Scripting vulnerability in Wilson Windowware Webbatch 2007C Cross-site scripting (XSS) vulnerability in WebBatch allows remote attackers to inject arbitrary web script or HTML via the URL to webbatch.exe. | 4.3 |
| 2007-09-19 | CVE-2007-4981 | Cross-Site Scripting vulnerability in Oblius Obedit 3.03 Cross-site scripting (XSS) vulnerability in the save function in Obedit 3.03 allows user-assisted remote attackers to inject arbitrary web script or HTML via unknown vectors, as demonstrated by a SCRIPT element in an unspecified context when saving a document. | 4.3 |
| 2007-09-19 | CVE-2007-4977 | Cross-Site Scripting vulnerability in Coppermine Photo Gallery Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter. | 3.5 |
| 2007-09-19 | CVE-2007-4975 | Cross-Site Scripting vulnerability in B1G B1Gmail 6.3.1 Cross-site scripting (XSS) vulnerability in hilfe.php in b1gMail 6.3.1 allows remote attackers to inject arbitrary web script or HTML via the chapter parameter. | 4.3 |
| 2007-09-18 | CVE-2007-4959 | Cross-Site Scripting vulnerability in Jelsoft Oscmax 2.0.0Rc301 Cross-site scripting (XSS) vulnerability in catalog_products_with_images.php in osCMax 2.0.0-RC3-0-1 allows remote attackers to inject arbitrary web script or HTML via the URI. | 4.3 |
| 2007-09-18 | CVE-2007-4958 | Cross-Site Scripting vulnerability in Tinywebgallery 1.6.3.4 Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) 1.6.3.4 allow remote attackers to inject arbitrary web script or HTML via the URI for (1) index.php, (2) i_frames/i_login.php, and (3) i_frames/i_top_tags.php. | 4.3 |
| 2007-09-18 | CVE-2007-4945 | Cross-Site Scripting vulnerability in Jasmine Technologies Lettergrade Multiple cross-site scripting (XSS) vulnerabilities in LetterGrade allow remote attackers to inject arbitrary web script or HTML via (1) a student's email address, (2) the year parameter to genbrws/Student/cal_month.php3, and other unspecified vectors related to the calendar. | 4.3 |
| 2007-09-18 | CVE-2007-4929 | Cross-Site Scripting vulnerability in Axis 207W Network Camera Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 207W camera allow remote attackers to inject arbitrary web script or HTML via the camNo parameter to incl/image_incl.shtml, and other unspecified vectors. | 4.3 |
| 2007-09-17 | CVE-2007-4917 | Cross-Site Scripting vulnerability in PHP-Stats 0.1.9.2 Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the ip parameter in an online action, a different vector than CVE-2007-4334. | 4.3 |
| 2007-09-17 | CVE-2007-4912 | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board Cross-site scripting (XSS) vulnerability in ips_kernel/class_ajax.php in Invision Power Board (IPB or IP.Board) 2.3.1 up to 20070912 allows remote attackers to inject arbitrary web script or HTML into user profile fields via unspecified vectors related to character sets other than iso-8859-1 or utf-8. | 4.3 |