Vulnerabilities > Rainworx > Rwauction PRO
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-03 | CVE-2007-3540 | Cross-Site Scripting vulnerability in Rainworx Rwauction PRO 5.0 Multiple cross-site scripting (XSS) vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) show, (3) searchtype, (4) catid, and (5) searchtxt parameters, a different version and vectors than CVE-2005-4060. network rainworx | 4.3 |
2005-12-07 | CVE-2005-4060 | Cross-Site Scripting vulnerability in Rainworx Rwauction PRO 4.0/5.0 Cross-site scripting (XSS) vulnerability in search.asp in rwAuction Pro 4.0 and 5.0 allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. | 4.3 |