CVE-2004-2123

Multiple cross-site scripting XSS vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote attackers to inject arbitrary web script or HTML via the 1 level parameter of productdetail.asp, 2 searchKey parameter of searchresults.asp, and possibly 3 level parameter of ListCategories.asp...