Cross-site scripting (XSS) vulnerability in GejoSoft allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI in photos/tags.Referenceshttp://secunia.com/advisories/35921http://packetstormsecurity.org/0907-exploits/gejosoft-xss.txthttp://osvdb.org/56061https://exchange.xforce.ibmcloud.com/vulnerabilities/51879http://www.vupen.com/english/advisories/2009/1968
