CVE-2022-50965

CVE-2022-50965 affects uBidAuction 2.0.1, specifically the posts/manage module. The vulnerability is a reflected cross-site scripting flaw where the filter functionality fails to sanitize the date_created, date_from, date_to, and created_at parameters, allowing an attacker to inject malicious scr...

CVE-2022-50964

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/loose module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

CVE-2022-50964

The CVE-2022-50964 entry is for uBidAuction 2.0.1, affecting the auctions/myAuctions/status/loose module. The vulnerability is a reflected cross-site scripting (XSS) flaw caused by inadequate sanitization of the filter parameters date_created, date_from, date_to, and created_at in GET requests, a...

CVE-2022-50964 uBidAuction 2.0.1 myAuctions loose Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/loose module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

CVE-2022-50963 uBidAuction 2.0.1 myAuctions active Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

CVE-2022-50963

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

CVE-2022-50963

uBidAuction 2.0.1 has a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The filter parameters date_created, date_from, date_to, and created_at are not properly sanitized, allowing remote attackers to inject scripts via crafted GET requests that execut...

CVE-2022-50962

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the orders/myOrders module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

CVE-2026-45370

creationtimestamp| type| source ---|---|--- 2026-05-10 11:59:33+00:00| published-proof-of-concept| https://github.com/universal-tool-calling-protocol/python-utcp/security/advisories/GHSA-5v57-8rxj-3p2r 2026-05-14 22:10:29+00:00| seen| https://gist.github.com/alon710/b6fd947590993b5b0ed338c431321c...

CVE-2026-8231

creationtimestamp| type| source ---|---|--- 2026-05-10 08:17:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlid3h32jz2h...

CVE-2026-8226

creationtimestamp| type| source ---|---|--- 2026-05-10 08:07:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlicjk73nx2e...

CVE-2026-8229

creationtimestamp| type| source ---|---|--- 2026-05-10 07:47:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlibf7mw772v...

CVE-2026-45184

creationtimestamp| type| source ---|---|--- 2026-05-10 01:05:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlhkxbdvhd2k...

PT-2026-39489

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/loose module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts v...

uBidAuction 跨站脚本漏洞

uBidAuction is an auction website system developed by the uBidAuction company, which supports online auctions and product transaction management. Version 2.0.1 of uBidAuction has a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the filter functions for the...

SUSE SLED15 / SLES15 Security Update : librsvg (SUSE-SU-2026:1750-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1750-1 advisory. This update for librsvg fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC 28...

PT-2026-39492

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET...

uBidAuction 跨站脚本漏洞

uBidAuction is an auction website system developed by the uBidAuction company, which supports online bidding and product transaction management. Version 2.0.1 of uBidAuction has a cross-site scripting vulnerability. This vulnerability stems from the improper cleaning of the filter functions for t...

uBidAuction 跨站脚本漏洞

uBidAuction is an auction website system developed by uBidAuction Company, which supports online bidding and product transaction management. Version 2.0.1 of uBidAuction has a cross-site scripting vulnerability. This vulnerability stems from the improper cleanup of the filter functions for the...

uBidAuction 跨站脚本漏洞

uBidAuction is an auction website system developed by the uBidAuction company, which supports online auctions and product transaction management. Version 2.0.1 of uBidAuction has a cross-site scripting vulnerability. This vulnerability stems from the improper cleaning of the filter functions for...