CVE-2006-3494
Multiple cross-site scripting XSS vulnerabilities in Buddy Zone 1.0.1 allow remote attackers to inject arbitrary HTML and web script via the 1 catid parameter to a viewclassifieds.php; 2 id parameter in b viewad.php; 3 eventid parameter in c viewevent.php, d deleteevent.php, and e editevent.php;...