Multiple cross-site scripting (XSS) vulnerabilities in Auto-Surf Traffic Exchange Script 1.1 allow remote attackers to inject arbitrary web script or HTML via the rid parameter to (1) index.php, (2) faq.php, and (3) register.php.
CPE | Name | Operator | Version |
---|---|---|---|
auto-surf_traffic_exchange_script | eq | 1.1 |