3 matches found
CVE-2009-0107
Cross-site scripting XSS vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to inject arbitrary web script or HTML via the userid parameter...
CVE-2009-0107
PHPAuctions (PHPAuctionSystem) is affected by a Cross-site Scripting (XSS) vulnerability in profile.php where the user_id parameter can be exploited to inject arbitrary web script or HTML. Affected component: profile.php in PHPAuctions. Root cause: unsanitized user_id input enabling script/HTML i...
CVE-2009-0107
Cross-site scripting XSS vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to inject arbitrary web script or HTML via the userid parameter...