CVE-2007-2801
CVE-2007-2801 affects eTicket 1.5.5 and 1.5.5.1. The issue is a cross-site scripting (XSS) vulnerability in open.php exploitable when PHP register_globals is On, allowing remote attackers to inject script via the err and warn parameters. Root cause is improper handling of user-supplied inputs und...