AI Score
Confidence
High
EPSS
Percentile
58.9%
Multiple cross-site scripting (XSS) vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rss.php and (2) search.php.
packetstormsecurity.org/0908-exploits/auctionrsscs-xss.txt
secunia.com/advisories/36490
www.vupen.com/english/advisories/2009/2444