Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/14160
http://www.securityfocus.com/bid/9369