Cross-site scripting (XSS) vulnerability in the search module in Inter Network Marketing (INM) CMS G3 allows remote attackers to inject arbitrary web script or HTML via the search_string parameter.