Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote malicious users to inject arbitrary web script or HTML via the (1) sid, (2) max, (3) sel1, (4) sel2, (5) sel3, (6) sel4, (7) sel5, (8) match, (9) mod1, (10) mod2, or (11) mo...