CVE-2006-3377

Cross-site scripting XSS vulnerability in JMB Software AutoRank PHP 3.02 and earlier, and AutoRank Pro 5.01 and earlier, allows remote attackers to inject arbitrary web script or HTML via the 1 Keyword parameter in search.php and the 2 Username parameter in main.cgi...