CVE-2005-3496
CVE-2005-3496: XSS in PHP Handicapper via msg parameter to msg.php; second vector via login parameter to process_signup.php is reported as CRLF injection (CVE-2005-4712) per sources. CVE-2005-3497: SQL injection via serviceid parameter in process_signup.php. Exploitation details are not provided ...