Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-26 | CVE-2006-6729 | Cross-Site Scripting vulnerability in A-Blog Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2006-12-21 | CVE-2006-6687 | Cross-Site Scripting vulnerability in Web-App.Net Webapp 0.9.9.3.4/0.9.9.4 Cross-site scripting (XSS) vulnerability in Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edition (NE) (aka WebAPP.NET), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2006-12-10 | CVE-2006-6451 | Cross-Site Scripting vulnerability in Swsoft Plesk 7.5 Multiple cross-site scripting (XSS) vulnerabilities in SWsoft Plesk 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) get_password.php or (2) login_up.php3. | 6.8 |
2006-12-10 | CVE-2006-6401 | Cross-Site Scripting vulnerability in Mystats Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in MyStats 1.0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) connexion, (2) by, and (3) details parameter. | 6.8 |
2006-12-07 | CVE-2006-6359 | Cross-Site Scripting vulnerability in Stefan Frech Online-Bookmarks 0.6.12 Cross-site scripting (XSS) vulnerability in Stefan Frech online-bookmarks 0.6.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.8 |
2006-11-29 | CVE-2006-6163 | Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters. | 4.3 |
2006-11-29 | CVE-2006-6162 | Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware 1.9.6 Cross-site scripting (XSS) vulnerability in tiki-edit_structures.php in TikiWiki 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the pageAlias parameter. | 4.3 |
2006-11-28 | CVE-2006-6159 | Cross-Site Scripting vulnerability in Deskpro 2.0.0/2.0.1 Multiple cross-site scripting (XSS) vulnerabilities in newticket.php in DeskPRO 2.0.0 and 2.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) message or (2) subject parameter. | 6.8 |
2006-11-26 | CVE-2006-6108 | Cross-Site Scripting vulnerability in Ec-Cube 1.0 Cross-site scripting (XSS) vulnerability in EC-CUBE before 1.0.1a-beta allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 4.3 |
2006-11-24 | CVE-2006-6096 | Cross-Site Scripting vulnerability in Dotnetindex Active News Manager Cross-site scripting (XSS) vulnerability in activenews_search.asp in ActiveNews Manager allows remote attackers to inject arbitrary web script or HTML via the query parameter. | 4.3 |