Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in myadmin/index.php in NextAge Shopping Cart allow remote attackers to inject arbitrary web script or HTML via the 1 username and 2 password parameters...