Vulnerabilities > PHP Script Tools

DATE CVE VULNERABILITY TITLE RISK
2007-02-12 CVE-2006-7005 SQL-Injection vulnerability in PSY Auction
SQL injection vulnerability in item.php in PSY Auction allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
php-script-tools
7.5
2007-02-12 CVE-2006-7004 Cross-Site Scripting vulnerability in PSY Auction
Cross-site scripting (XSS) vulnerability in email_request.php in PSY Auction allows remote attackers to inject arbitrary web script or HTML via the user_id parameter.
6.8