CVE-2008-0146
Cross-site scripting (XSS) vulnerability in the error page in W3-mSQL allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the top-level URI.
Date published : 2008-01-08
http://www.securityfocus.com/bid/27116
http://www.securityfocus.com/archive/1/485736/100/0/threaded