Cross-site scripting (XSS) vulnerability in search.asp in PDshopPro, when downloaded before 20070308, allows remote attackers to inject arbitrary web script or HTML via the search parameter.Referenceshttp://osvdb.org/55020http://secunia.com/advisories/34200http://packetstorm.linuxsecurity.com/0906-exploits/pdshoppro-xss.txt
