CVE-2006-2997
The CVE-2006-2997 entry describes an XSS in ZMS 2.9 and earlier when register_globals is enabled. The vulnerability is triggered via the raw parameter in the search field, allowing remote injection of arbitrary web script/HTML. Affected product/version: ZMS 2.9 and earlier. Underlying cause: inpu...