Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/22274
http://www.irannetjob.com/index.php?option=com_content&task=view&id=122&Itemid=28