Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Ultimate Auction 3.67 allow remote attackers to inject arbitrary web script or HTML via the 1 item parameter in item.pl and 2 category parameter in itemlist.pl, which reflects the XSS in an error message. NOTE: the affected version might be wro...