Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/25515
http://www.vupen.com/english/advisories/2006/1150
http://www.securityfocus.com/bid/17285
http://www.securityfocus.com/archive/1/429109/100/0/threaded