Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page.
http://www.securityfocus.com/bid/5699
http://www.iss.net/security_center/static/10089.php