PaBox version 2.0 is susceptible to cross site scripting attacks via a variable that gets user defined and later used in an IMG tag.
bb99e378a5bd7a4d9b7e12872dc2af16556ed81e670f86e6f4b5716d85941f76
PABox version 1.6 is susceptible to a cross site scripting attack.
70e73ed35b640185dfeae795700edafc7f3cdbae839d0995ef088f51ec7b31eb