7 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1...
CVE-2008-7000
CVE-2008-7000 documents a PHP remote file inclusion in PHPAuction 3.2. The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the lan parameter to index.php (and possibly related files), enabling code inclusion from a remote or local source. The note suggests a possible r...
CVE-2008-7000
PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1...
CVE-2008-2900
SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2900
SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-2900
PHPAuction 3.2 is affected by an SQL injection in item.php, exploitable via the id parameter to allow remote execution of arbitrary SQL commands. This is the underlying root cause reported in CVE-2008-2900 and is reflected across NVD and CVE records. No explicit remediation or patched version is ...