Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in pagenumber.inc.php in phpPowerCards 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO, the 2 archiv parameter, and the 3 subcat parameter...