Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter.
http://www.iss.net/security_center/static/9739.php
http://endity.com/board/index.php?act=ST&f=3&t=68&s=363128162825b2d7fcf60c9cd2a292fe