CVE-2005-2818 Information

Description

Cross-site scripting (XSS) vulnerability in DownFile 1.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter to (1) email.php(2) index.php (3) del.php or (4) add_form.php.

Reference

http://secunia.com/advisories/16630 http://securitytracker.com/id?1014827 http://www.securityfocus.com/bid/14713 http://www.vupen.com/english/advisories/2005/1601