Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) method or (2) list parameter.Referenceshttp://www.securityfocus.com/archive/1/428157http://zone14.free.fr/advisories/1http://www.securityfocus.com/bid/17151https://exchange.xforce.ibmcloud.com/vulnerabilities/25099http://archives.neohapsis.com/archives/fulldisclosure/2006-03/0191.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/25331
