Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in LinPHA before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via 1 ftp/index.php, 2 viewer.php, 3 functions/other.php, 4 include/leftmenu.class.php, or 5 plugins/stats/statsview.php...