Code-projects Budget Management 1.0 is vulnerable to Cross Site Scripting (XSS) via the budget parameter.