Lucene search

K

Bid Security Vulnerabilities

cve
cve

CVE-2014-125063

A vulnerability was found in ada-l0velace Bid and classified as critical. This issue affects some unknown processing. The manipulation leads to sql injection. The identifier of the patch is abd71140b8219fa8741d0d8a57ab27d5bfd34222. It is recommended to apply a patch to fix this issue. The...

9.8CVSS

9.7AI Score

0.001EPSS

2023-01-07 07:15 PM
22
cve
cve

CVE-2010-1854

Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown;.....

6.1AI Score

0.004EPSS

2022-10-03 04:21 PM
19
cve
cve

CVE-2017-2208

Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified...

7.8CVSS

7.8AI Score

0.001EPSS

2017-07-07 01:29 PM
27
cve
cve

CVE-2017-2178

Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified...

8.8CVSS

8.7AI Score

0.007EPSS

2017-06-09 04:29 PM
23
cve
cve

CVE-2010-1855

SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to execute arbitrary SQL commands via the id_auk...

8.6AI Score

0.004EPSS

2010-05-07 08:30 PM
27
cve
cve

CVE-2009-3336

SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id...

8.5AI Score

0.001EPSS

2009-09-24 04:30 PM
17
cve
cve

CVE-2009-0970

PHP remote file inclusion vulnerability in includes/class_image.php in PHP Pro Bid 6.05, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the fileExtension parameter. NOTE: the provenance of this information is unknown; the details are obtained...

7.5AI Score

0.008EPSS

2009-03-19 10:30 AM
28
cve
cve

CVE-2008-6043

Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow remote attackers to execute arbitrary SQL commands via the (1) order_field and (2) order_type parameters to categories.php and unspecified other components. NOTE: some of these details are obtained from third party...

8.9AI Score

0.001EPSS

2009-02-03 11:30 AM
18
cve
cve

CVE-2006-3927

Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc...

5.9AI Score

0.065EPSS

2006-07-31 09:04 PM
14
cve
cve

CVE-2006-3926

Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b)...

8.9AI Score

0.017EPSS

2006-07-31 09:04 PM
17