CVE-2007-6646
CVE-2007-6646 covers multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1 and possibly other versions before 1.1.0. The issues enable remote attackers to inject arbitrary script/HTML via (1) the return parameter to user/remindPassword, (2) the q parameter to the category script, ...