Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to inject arbitrary web script or HTML via the searchterms parameter. NOTE: this might overlap CVE-2007-4024.Referenceshttp://securityreason.com/securityalert/4621http://secunia.com/advisories/30874https://www.exploit-db.com/exploits/5958https://exchange.xforce.ibmcloud.com/vulnerabilities/43451http://www.securityfocus.com/bid/29998
