Vulnerabilities > PHP PRO BID

DATE CVE VULNERABILITY TITLE RISK
2006-07-31 CVE-2006-3927 Input Validation vulnerability in PHP PRO BID PHP PRO BID 5.24
Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc parameter.
network
php-pro-bid
4.3
2006-07-31 CVE-2006-3926 Input Validation vulnerability in PHP PRO BID PHP PRO BID 5.24
Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php.
network
low complexity
php-pro-bid
7.5