Multiple XSS Vulnerabilities in PHPWebGallery - Oct08

Summary
The host is running PHPWebGallery, which is prone to multiple XSS and script inclusion vulnerabilities.
Impact
A successful attack could lead to execution of arbitrary HTML or scripting code in the security context of an affected web page.
Impact Level: Application
Solution
No solution or patch was made available for at least one year after disclosure of this vulnerability, and it is likely that none will be provided. General solution options are to upgrade to a newer release, disable the respective features, remove the product, or replace the product with another one. For updates refer to http://download.gna.org/phpwebgallery/
Insight
The flaws are due to improper validation of input passed to parameters in the isadmin.inc.php and init.inc.php files, which allows remote attackers to inject arbitrary web script via the lang[access_forbiden], lang[ident_title], user[language] and user[template] parameters.
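As a detection aid for the issue described above, the following added example (not part of the original advisory or of PHPWebGallery) scans web server access logs for direct requests to the two include files that carry any of the named parameters. The log format (Apache/nginx "combined"), the function names and the sample lines, including the /gallery/include/ path, are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl

# File and parameter names are the ones listed in the advisory.
INCLUDE_FILES = ("isadmin.inc.php", "init.inc.php")
PARAMS = {"lang[access_forbiden]", "lang[ident_title]",
          "user[language]", "user[template]"}

# Assumption: Apache/nginx "combined" access-log format.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_params(log_line):
    """Return the advisory parameters sent directly to an include file."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    path, _, query = match.group(1).partition("?")
    if not path.lower().endswith(INCLUDE_FILES):
        return []
    # parse_qsl percent-decodes names, so lang%5Bident_title%5D also matches.
    names = {name for name, _ in parse_qsl(query, keep_blank_values=True)}
    return sorted(names & PARAMS)


def scan(lines):
    """Return (line_number, parameters) for every line worth reviewing."""
    hits = []
    for number, line in enumerate(lines, start=1):
        found = suspicious_params(line)
        if found:
            hits.append((number, found))
    return hits


# Constructed sample log lines (addresses from documentation ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Oct/2008:10:01:02 +0000] "GET /gallery/include/isadmin.inc.php?lang%5Baccess_forbiden%5D=%3Cb%3Ex HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.7 - - [12/Oct/2008:10:01:09 +0000] "GET /gallery/include/init.inc.php?user[language]=xx&user[template]=yy HTTP/1.1" 200 498 "-" "-"',
    '198.51.100.4 - - [12/Oct/2008:10:02:30 +0000] "GET /gallery/category.php?cat=3 HTTP/1.1" 200 8841 "-" "-"',
]

if __name__ == "__main__":
    for number, found in scan(SAMPLE_LOG):
        print(f"line {number}: {', '.join(found)}")
```

Only the query string is inspected; parameters submitted in a POST body do not appear in access logs and need request-body logging or a WAF rule to be seen.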
Affected
PHPWebGallery version 1.3.4 and prior on all platforms.