RSS   Vulnerabilities for 'Php pro bid'   RSS

2006-07-31
 
CVE-2006-3927

 
 
Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc parameter.

 
 
CVE-2006-3926

 
 
Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php.

 

Copyright 2024, cxsecurity.com

 

Back to Top