Vulnerabilities > Phpprobid

DATE CVE VULNERABILITY TITLE RISK
2009-09-24 CVE-2009-3336 SQL Injection vulnerability in PHPprobid PHP PRO BID
SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter.
network
low complexity
phpprobid CWE-89
7.5
2009-03-19 CVE-2009-0970 Code Injection vulnerability in PHPprobid PHP PRO BID 6.05
PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the fileExtension parameter.
network
phpprobid CWE-94
6.8
2009-02-03 CVE-2008-6043 SQL Injection vulnerability in PHPprobid PHP PRO BID 6.04
Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow remote attackers to execute arbitrary SQL commands via the (1) order_field and (2) order_type parameters to categories.php and unspecified other components.
network
low complexity
phpprobid CWE-89
7.5
2007-02-06 CVE-2007-0758 Remote File Include vulnerability in PHPprobid 5.24
PHP remote file inclusion vulnerability in lang.php in PHPProbid 5.24 allows remote attackers to execute arbitrary PHP code via a URL in the SRC attribute of an HTML element in the lang parameter.
network
low complexity
phpprobid
7.5