Cj Desing Security Vulnerabilities

CVE-2005-2900

Cross-site scripting (XSS) vulnerability in top.php in CjLinkOut 1.0 allows remote attackers to inject arbitrary web script or HTML via the 123 parameter.

CVE-2005-2901

Multiple Cross-site scripting (XSS) vulnerabilities in CjWeb2Mail 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) message, or (3) ip parameter to thankyou.php or (4) emsg parameter to web2mail.php.