CVE-2008-2644
CVE-2008-2644 affects SMEWeb versions 1.4b and 1.4f with multiple XSS flaws. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via: (1) data parameter to catalog.php, (2) keyword parameter to search.php, (3) page parameter to bb.php, and (4) new_s parameter to orde...