Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-09-14 | CVE-2007-4900 | Cross-Site Scripting vulnerability in RSA Envision 3.3.6Build0115 Cross-site scripting (XSS) vulnerability in the logon page in RSA EnVision 3.3.6 Build 0115 allows remote attackers to inject arbitrary web script or HTML via the username field. | 4.3 |
| 2007-09-14 | CVE-2007-4899 | Cross-Site Scripting vulnerability in Berkeley Boinc Forum Multiple cross-site scripting (XSS) vulnerabilities in Boinc Forum 5.10.20 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to forum_forum.php, or the search_string parameter to forum_text_search_action.php in a (2) titles or (3) bodies search. | 4.3 |
| 2007-09-14 | CVE-2007-4896 | Cross-Site Scripting vulnerability in Toms-Seiten.At Toms Gastenbuch 1.00/1.01 Multiple cross-site scripting (XSS) vulnerabilities in admin/header.php in Toms Gaestebuch 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) lang[adminseite], (2) lang[ueberschrift], or (3) einst[metachar] parameter, different vectors than CVE-2007-4711. | 4.3 |
| 2007-09-14 | CVE-2007-4883 | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in the BotQuery extension in MediaWiki 1.7.x and earlier before SVN 20070910 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a similar issue to CVE-2007-4828. | 4.3 |
| 2007-09-14 | CVE-2007-4882 | Cross-Site Scripting vulnerability in Techexcel Inc. Customerwise Multiple cross-site scripting (XSS) vulnerabilities in TechExcel CustomerWise (formerly TechExcel CRM) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2007-09-12 | CVE-2007-4836 | Cross-Site Scripting vulnerability in PHPmyquote 0.20 Cross-site scripting (XSS) vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an edit action. | 4.3 |
| 2007-09-12 | CVE-2007-4831 | Cross-Site Scripting vulnerability in Torrenttrader 1.07 Multiple cross-site scripting (XSS) vulnerabilities in account_settings.php in TorrentTrader 1.07 allow remote attackers to inject arbitrary web script or HTML via the (1) avatar and (2) title parameters. | 2.6 |
| 2007-09-12 | CVE-2007-4830 | Cross-Site Scripting vulnerability in Directadmin Cross-site scripting (XSS) vulnerability in CMD_BANDWIDTH_BREAKDOWN in DirectAdmin 1.30.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter. | 4.3 |
| 2007-09-12 | CVE-2007-4828 | Cross-Site Scripting vulnerability in Mediawiki Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through 1.8.4, 1.9.0 through 1.9.3, 1.10.0 through 1.10.1, and the 1.11 development versions before 1.11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2007-09-11 | CVE-2007-4819 | Cross-Site Scripting vulnerability in TXX CMS TXX CMS 0.2 Multiple cross-site scripting (XSS) vulnerabilities in Txx CMS 0.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |