4 matches found
EUVD-2022-55990
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the backend/mailingLog/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted...
CVE-2022-50969
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the backend/mailingLog/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted...
CVE-2022-50969
CVE-2022-50969 affects uBidAuction 2.0.1 and involves a reflected Cross‑Site Scripting (XSS) vulnerability in the backend/mailingLog/manage module. The issue stems from improper sanitization of the date_created, date_from, date_to, and created_at parameters in the filter functionality, allowing r...
PT-2026-39494
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the backend/mailingLog/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...