1 matches found
CVE-2007-2499
Multiple cross-site scripting XSS vulnerabilities in DVDdb 0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the movieid parameter to loan.php or 2 the s parameter to listmovies.php...