2 matches found
CVE-2005-2253
CVE-2005-2253 is a SQL injection in PhpAuction 2.5, where an attacker can modify SQL queries through the category parameter in adsearch.php. Root cause: unsanitized input used in database queries. Affected: PhpAuction 2.5. Impact: as described by CVE/NVD (base score 7.5, HIGH). Exploitation detai...
CVE-2005-2253
SQL injection vulnerability in PhpAuction 2.5 allow remote attackers to modify SQL queries via the category parameter to adsearch.php. NOTE: there is evidence that viewnews.php may not be part of the PhpAuction product, so it is not included in this description...