CVE-2008-3394
CVE-2008-3394 : In BookMine, multiple cross-site scripting (XSS) vulnerabilities exist in the web app’s search.cfm. The issue allows remote attackers to inject arbitrary web script or HTML via the (1) gallery and (2) search_string parameters. Root cause: insufficient input validation/sanitization...