Cross-site scripting (XSS) vulnerability in AD2000 free-sw leger (aka Web Conference Room Free) 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
http://www.securityfocus.com/bid/35068
http://www.ad2000.co.jp/service/index.html
http://secunia.com/advisories/35148