source: https://www.securityfocus.com/bid/7729/info

It has been reported that a cross-site scripting vulnerability exists in Bandmin. Because of this, an attacker may be able to execute script code or HTML in the context of the site hosting Bandmin by enticing a web user to follow a malicious link. 

http://www.example.com/bandwidth/index.cgi?action=showmonth&year=[FIRST SCRIPT]&month=[SECOND SCRIPT]

http://www.example.com/bandwidth/index.cgi?action=showhost&month=May&year=2003&host=[THIRD SCRIPT]