CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1006 matches found

EUVD•added 2026/05/10 3:31 p.m.•2 views

EUVD-2022-55989

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00042EPSS

Exploits0References5

Vulnrichment•added 2026/05/10 12:13 p.m.•3 views

CVE-2022-50969 uBidAuction 2.0.1 mailingLog manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the backend/mailingLog/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted...

6.1CVSS5.7AI score0.00042EPSS

Exploits0References4

Vulnrichment•added 2026/05/10 12:12 p.m.•5 views

CVE-2022-50966 uBidAuction 2.0.1 news manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

6.1CVSS5.7AI score0.00042EPSS

Exploits0References4

Cvelist•added 2026/05/10 12:12 p.m.•26 views

CVE-2022-50965 uBidAuction 2.0.1 posts manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

6.1CVSS0.00042EPSS

Exploits0References4

CNNVD•added 2026/05/10 12:0 a.m.•4 views

uBidAuction 跨站脚本漏洞

uBidAuction is an auction website system developed by the uBidAuction company, which supports online bidding and product transaction management. Version 2.0.1 of uBidAuction has a cross-site scripting vulnerability. This vulnerability stems from the improper cleaning of the filter functions for t...

6.1CVSS5.7AI score0.00042EPSS

Exploits0References1

Positive Technologies•added 2026/05/10 12:0 a.m.•3 views

PT-2026-39493

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET...

6.1CVSS5.7AI score0.00042EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 11:51 a.m.•6 views

CVE-2009-4989

Cross-site scripting XSS vulnerability in index.php in AJ Auction Pro OOPD 3.0 allows remote attackers to inject arbitrary web script or HTML via the txtkeyword parameter in a search action...

4.3CVSS5.9AI score0.02646EPSS

Exploits1References1

Patchstack•added 2025/12/31 12:0 a.m.•5 views

WordPress WordPress Auction plugin <= 3.7 - Editor+ SQL Injection vulnerability

Editor+ SQL Injection vulnerability discovered by Thanh Kieu in WordPress Plugin WordPress Auction Plugin versions = 3.7...

9.8CVSS6AI score0.00486EPSS

Exploits1References1Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•2 views

WordPress WordPress Auction plugin <= 3.7 - Editor+ Stored XSS vulnerability

Editor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin WordPress Auction Plugin versions = 3.7...

4.8CVSS5.9AI score0.0017EPSS

Exploits1References1Affected Software1

RedhatCVE•added 2025/12/17 10:3 a.m.•1 views

CVE-2025-68084

Missing Authorization vulnerability in Nitesh Ultimate Auction ultimate-auction allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Auction : from n/a through = 4.3.3...

5.4CVSS5.7AI score0.00058EPSS

Exploits0References1

RedhatCVE•added 2025/12/17 10:2 a.m.•1 views

CVE-2025-66125

Insertion of Sensitive Information Into Sent Data vulnerability in Nitesh Ultimate Auction ultimate-auction allows Retrieve Embedded Sensitive Data.This issue affects Ultimate Auction : from n/a through = 4.3.3...

5.3CVSS5.8AI score0.0004EPSS

Exploits0References1

EUVD•added 2025/12/16 9:31 a.m.•1 views

EUVD-2025-203535

6.5AI score0.00058EPSS

Exploits0References2

EUVD•added 2025/12/16 9:31 a.m.•1 views

EUVD-2025-203585

5.3CVSS6.4AI score0.0004EPSS

Exploits0References2

NVD•added 2025/12/16 9:16 a.m.•2 views

CVE-2025-68084

5.4CVSS0.00058EPSS

Exploits0References1

NVD•added 2025/12/16 9:15 a.m.•1 views

CVE-2025-66125

5.3CVSS0.0004EPSS

Exploits0References1

Vulnrichment•added 2025/12/16 8:13 a.m.•1 views

CVE-2025-68084 WordPress Ultimate Auction plugin <= 4.3.3 - Broken Access Control vulnerability

5.4CVSS5.1AI score0.00058EPSS

Exploits0References1

Cvelist•added 2025/12/16 8:13 a.m.•27 views

CVE-2025-68084 WordPress Ultimate Auction plugin <= 4.3.3 - Broken Access Control vulnerability

5.4CVSS0.00058EPSS

Exploits0References1

CVE•added 2025/12/16 8:13 a.m.•2 views

CVE-2025-68084

CVE-2025-68084 relates to the WordPress plugin “Ultimate Auction” (ultimate-auction). Connected sources confirm a Missing Authorization / Broken Access Control vulnerability affecting Ultimate Auction versions up to 4.3.2. The CVE entry is present in multiple feeds and the Wordfence vulnerability...

5.4CVSS5.7AI score0.00058EPSS

Exploits0References1

Vulnrichment•added 2025/12/16 8:12 a.m.•1 views

CVE-2025-66125 WordPress Ultimate Auction plugin <= 4.3.3 - Sensitive Data Exposure vulnerability

5.3CVSS5.2AI score0.0004EPSS

Exploits0References1

Cvelist•added 2025/12/16 8:12 a.m.•25 views

CVE-2025-66125 WordPress Ultimate Auction plugin <= 4.3.3 - Sensitive Data Exposure vulnerability

5.3CVSS0.0004EPSS

Exploits0References1

Rows per page