Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-03-26 | CVE-2004-1865 | Cross-Site Scripting vulnerability in Bblog 0.7.2 Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). | 3.5 |
| 2004-02-17 | CVE-2004-0067 | Cross-Site Scripting vulnerability in PHPgedview Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. | 4.3 |
| 2003-12-31 | CVE-2003-1556 | Cross-Site Scripting vulnerability in CGI City CC Guestbook Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters. | 4.3 |
| 2003-12-31 | CVE-2003-1554 | Cross-Site Scripting vulnerability in Scoznet Scozbook 1.1Beta Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables. | 4.3 |
| 2003-12-31 | CVE-2003-1549 | Cross-Site Scripting vulnerability in Myabracadaweb Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter. | 4.3 |
| 2003-12-31 | CVE-2003-1547 | Cross-Site Scripting vulnerability in Francisco Burzi PHP-Nuke Cross-site scripting (XSS) vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke 6.x allows remote attackers to inject arbitrary web script or HTML via the subject parameter. | 4.3 |
| 2003-12-31 | CVE-2003-1546 | Cross-Site Scripting vulnerability in Filebased Guestbook 1.1.3 Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the comment section. | 4.3 |
| 2003-12-31 | CVE-2003-1543 | Cross-Site Scripting vulnerability in Bajie Java Http Server 0.95 Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message. | 4.3 |
| 2003-12-31 | CVE-2003-1539 | Cross-Site Scripting vulnerability in Onedotoh Simple File Manager Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names. | 4.3 |
| 2003-12-31 | CVE-2003-1536 | Cross-Site Scripting vulnerability in Dcp-Portal 5.3.1 Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php. | 4.3 |