Lucene search
K

82 matches found

Exploit DB
Exploit DB
added 2011/06/17 12:0 a.m.674 views

WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)

Exploit Title: presistent XSS through SQLi WeBid 1.0.2 Google Dork: "powered by WeBid" Date: 15-06-2011 Author: Saif El-Sherei Software Link: http://sourceforge.net/projects/simpleauction/ Version: 1.0.2 Tested on: Firefox 4, XAMPP Info: Open source php/mysql fully featured auction script. Perfec...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/06/17 12:0 a.m.156 views

WeBid 1.0.2 presistent XSS via SQL Injection

Exploit for php platform in category web applications Exploit Title: presistent XSS through SQLi WeBid 1.0.2 Google Dork: "powered by WeBid" Author: Saif El-Sherei Software Link: http://sourceforge.net/projects/simpleauction/ Version: 1.0.2 Tested on: Firefox 4, XAMPP Info: Open source php/mysql...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/06 12:0 a.m.20 views

Bs Auction Script SQL Injection

1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Bs Auction Script Sqli Vulnerability Date : july 5,2010 Critical Level : HIGH vendor URL :http://www.brotherscripts.com/ Price:$24.95 Author : Sid3^effects aKa Ha...

Exploits0
exploitpack
exploitpack
added 2010/07/05 12:0 a.m.21 views

Bs Auction Script - SQL Injection

Bs Auction Script - SQL Injection 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Bs Auction Script Sqli Vulnerability Date : july 5,2010 Critical Level : HIGH vendor URL :http://www.brotherscripts.com/...

Exploits0
CVE
CVE
added 2010/06/03 2:0 p.m.45 views

CVE-2010-2144

CVE-2010-2144 describes a cross-site scripting (XSS) vulnerability in SignInForm.php of the Zeeways eBay Clone Auction Script, exploitable by remote attackers via the msg parameter. Affected component: signinform.php; vulnerability arises from improper handling of user-supplied input leading to s...

4.3CVSS5.9AI score0.03371EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2010/05/04 4:0 p.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via 1 the login field aka the username parameter, and possibly 2 the password field, to index.php. NOTE: some of these details are obtained from third party...

7.5CVSS9.4AI score0.01189EPSS
Exploits1References7
CVE
CVE
added 2010/05/04 3:0 p.m.56 views

CVE-2010-1706

CVE-2010-1706 concerns multiple SQL injection vulnerabilities in login.php of the 2daybiz Auction Script, allowing remote attackers to execute arbitrary SQL commands via the login field (username) and possibly the password field, directed at index.php. The issue is documented across multiple sour...

7.5CVSS9AI score0.01189EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2010/05/04 3:0 p.m.19 views

CVE-2010-1706

Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers to execute arbitrary SQL commands via 1 the login field aka the username parameter, and possibly 2 the password field, to index.php. NOTE: some of these details are obtained from third party...

8.7AI score0.01189EPSS
Exploits1References7
Packet Storm
Packet Storm
added 2010/04/28 12:0 a.m.39 views

2daybiz Auction Script SQL Injection

Exploit Title: Authentication bypass in 2daybiz Auction Script Date: 27-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : Authentication bypass in 2daybiz Auction Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects aKa haRi Description : 2daybiz Auction Script provides everythin...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2010/04/27 12:0 a.m.20 views

2DayBiz Auction Script - Authentication Bypass

2DayBiz Auction Script - Authentication Bypass Authentication bypass in 2daybiz Auction Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects aKa haRi Description : 2daybiz Auction Script provides everything you need, to establish a professionally looking online Auction website like Ebay.com...

0.7AI score
Exploits0
0day.today
0day.today
added 2010/04/27 12:0 a.m.22 views

2daybiz Auction Script Authentication Bypass

Exploit for php platform in category web applications ============================================ 2daybiz Auction Script Authentication Bypass ============================================ Authentication bypass in 2daybiz Auction Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects aKa haRi...

7.1AI score
Exploits0
Prion
Prion
added 2009/11/24 2:30 a.m.15 views

Sql injection

SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote attackers to execute arbitrary SQL commands via the aid parameter...

7.5CVSS9.1AI score0.00971EPSS
Exploits1References4
NVD
NVD
added 2009/11/24 2:30 a.m.16 views

CVE-2009-4058

SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote attackers to execute arbitrary SQL commands via the aid parameter...

7.5CVSS8.4AI score0.00971EPSS
Exploits1References4
Cvelist
Cvelist
added 2009/11/24 2:0 a.m.17 views

CVE-2009-4058

SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote attackers to execute arbitrary SQL commands via the aid parameter...

8.4AI score0.00971EPSS
Exploits1References4
CVE
CVE
added 2009/11/24 2:0 a.m.43 views

CVE-2009-4058

The vulnerability is a SQL injection in Telebid Auction Script, affecting the allauctions.php endpoint via the aid parameter. Exploitation could allow remote attackers to execute arbitrary SQL commands, with the NVD noting a HIGH base score (7.5) and network-based, low-complexity access. The conn...

7.5CVSS8.4AI score0.00971EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2009/08/28 3:30 p.m.14 views

Sql injection

SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.1AI score0.00967EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2009/08/28 3:30 p.m.14 views

Sql injection

SQL injection vulnerability in the admin panel admin/ in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the username...

7.5CVSS9.1AI score0.00967EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2009/08/28 3:30 p.m.11 views

Cross site scripting

eledicss.php in WeBid auction script 0.5.4 allows remote attackers to modify arbitrary cascading style sheets CSS files via a certain request with the file parameter set to style.css. NOTE: this can probably be leveraged for cross-site scripting XSS attacks...

5CVSS6.1AI score0.01731EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2009/08/28 3:30 p.m.18 views

CVE-2008-7119

SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.3AI score0.00967EPSS
Exploits1References3
NVD
NVD
added 2009/08/28 3:30 p.m.16 views

CVE-2008-7117

eledicss.php in WeBid auction script 0.5.4 allows remote attackers to modify arbitrary cascading style sheets CSS files via a certain request with the file parameter set to style.css. NOTE: this can probably be leveraged for cross-site scripting XSS attacks...

5CVSS5.8AI score0.01731EPSS
Exploits1References3
Rows per page
Query Builder