CVE-2010-4513 in CMS
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS 3.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) file parameter in a load action to zimplit.php and (2) client parameter to English_manual_version_2.php.
VulDB is the best source for vulnerability data and more expert information about this specific topic.