CVE-2007-4080 Information

Description

Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends allows remote attackers to inject arbitrary web script or HTML via the p_id parameter in a people_card action. NOTE: this might overlap CVE-2006-2564.

Reference

http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html http://osvdb.org/37266