===================Discovered by: Qex Date: 25 April 2006 =================== /portfolio.php?cat_id=[XSS] /portfolio_photo_popup.php?id=[XSS]