CVE-2006-2750
CVE-2006-2750 is an XSS in Open Searchable Image Catalogue (OSIC) via the do_mysql_query function in core.php, affected in OSIC versions before 0.7.0.1. The vulnerability allows remote attackers to inject arbitrary scripts/HTML that are reflected in error messages. Root cause details are limited ...