CVE-2006-3564
HiveMail 1.3 and earlier are affected by multiple cross-site scripting (XSS) vulnerabilities. The issue arises from unsanitized input in several parameters across PHP scripts: (1) email, (2) cond, or (3) name in addressbook.view.php; (4) daysprune in index.php; (5) data[to] in compose.email.php; ...