Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Active Bids Security Vulnerabilities

cve
cve

CVE-2008-5640

SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.

8.4AI Score

0.002EPSS

2008-12-17 05:30 PM
22
cve
cve

CVE-2009-0429

Multiple SQL injection vulnerabilities in Active Bids allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to search.asp, (2) SortDir parameter to auctionsended.asp, and the (3) catid parameter to wishlist.php.

8.8AI Score

0.001EPSS

2009-02-05 12:30 AM
27
cve
cve

CVE-2009-0430

Multiple cross-site scripting (XSS) vulnerabilities in Active Bids allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter to search.asp and the (2) URL parameter to tellafriend.asp.

5.9AI Score

0.002EPSS

2009-02-05 12:30 AM
20
cve
cve

CVE-2009-4229

Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote attackers to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-0429.3. NOTE: the provenance...

8.1AI Score

0.001EPSS

2009-12-08 07:30 PM
20