CVE-2005-4028 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the (1) lamember_login parameter to sendpass.php and (2) login parameter to member.php.

Reference

http://securitytracker.com/id?1015208 http://www.osvdb.org/21012 http://www.osvdb.org/21013