CVE-2008-6396
Cross-site scripting (XSS) vulnerability in account.php in Celerondude Uploader 6.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information.
Date published : 2009-03-04
http://www.securityfocus.com/bid/31010
http://packetstormsecurity.org/0809-exploits/uploader6-xss.txt