CVE-2006-3927
Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc parameter.
Date published : 2006-07-31
http://www.securityfocus.com/bid/19158
http://archives.neohapsis.com/archives/bugtraq/2006-07/0474.html