The remote host is vulnerable to HTML Injection and Cross-Site Scripting attacks.
There is a flaw in the remote phpAdNew/phpPgAds PHP Ads server, a banner management and tracking system written in PHP. This version of phpAdNew is vulnerable to an HTML injection and a Cross-Site Scripting (XSS) flaw. An attacker exploiting these flaws would be able to gain access to potentially confidential data
Upgrade to version 2.0.8 or higher.