CVE-2009-2893

Multiple cross-site scripting XSS vulnerabilities in index.php in XZero Community Classifieds 4.97.8 allow remote attackers to inject arbitrary web script or HTML via 1 the postevent parameter in a post action or 2 the xzcaly parameter...