Lucene search
K

5 matches found

EUVD
EUVD
added 2026/05/10 3:31 p.m.23 views

EUVD-2022-55989

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References5
NVD
NVD
added 2026/05/10 1:16 p.m.41 views

CVE-2022-50968

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:13 p.m.6 views

CVE-2022-50968

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/10 12:13 p.m.16 views

CVE-2022-50968

uBidAuction 2.0.1 contains a reflected XSS in the auctions/manage module. The filter parameters date_created, date_from, date_to, and created_at are not sanitized, allowing remote attackers to inject scripts via crafted GET requests that run in victims’ browsers. The provided sources corroborate ...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 12:13 p.m.9 views

CVE-2022-50968 uBidAuction 2.0.1 auctions manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
Rows per page
Query Builder