Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote malicious users to inject arbitrary web script or HTML via the argument.
leif m. wright ad.cgi