CVE-2006-2635

Multiple cross-site scripting XSS vulnerabilities in Tikiwiki aka Tiki CMS/Groupware 1.9.x allow remote attackers to inject arbitrary web script or HTML via malformed nested HTML tags such as "ipt" in 1 offset and 2 days parameters in a tiki-lastchanges.php, the 3 find and 4 offset parameters in ...