CVE-2007-0265

Multiple cross-site scripting XSS vulnerabilities in Ezboxx Portal System Beta 0.7.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the pic parameter to custom/piczoom.asp, 2 the nocatname parameter to boxx/user-upload.asp, or 3 the iid parameter to...