CVE-2009-0108

PHPAuctions aka PHPAuctionSystem allows remote attackers to bypass authentication and gain administrative access via modified 1 PHPAUCTIONRMID, 2 PHPAUCTIONRMNAME, 3 PHPAUCTIONRMUSERNAME, and 4 PHPAUCTIONRMEMAIL cookies...

CVE-2009-0108

PHPAuctions (aka PHPAuctionSystem) has a remote authentication bypass vulnerability where an attacker can gain administrative access by tampering with cookies: PHPAUCTION_RM_ID, PHPAUCTION_RM_NAME, PHPAUCTION_RM_USERNAME, and PHPAUCTION_RM_EMAIL. The provided documents state the issue but do not ...

CVE-2009-0107

PHPAuctions (PHPAuctionSystem) is affected by a Cross-site Scripting (XSS) vulnerability in profile.php where the user_id parameter can be exploited to inject arbitrary web script or HTML. Affected component: profile.php in PHPAuctions. Root cause: unsanitized user_id input enabling script/HTML i...

CVE-2009-0106

SQL injection vulnerability in profile.php in PHPAuctions aka PHPAuctionSystem allows remote attackers to execute arbitrary SQL commands via the userid parameter...

SFS EZ Auction - Blind SQL Injection

Kira has decide be back after halloween Discovered by : Mountassif Moad Type Gap : Blind Sql Injection Script : SFS EZ Auction Remote Blind sql injection Home Script : http://www.scripts-for-sites.info/item.php?item=97 Greetz : Allah , All my freind P0c : http://localhost/viewfaqs.php?cat=1+and+1...

SFS EZ Auction - Blind SQL Injection

SFS EZ Auction - Blind SQL Injection Kira has decide be back after halloween Discovered by : Mountassif Moad Type Gap : Blind Sql Injection Script : SFS EZ Auction Remote Blind sql injection Home Script : http://www.scripts-for-sites.info/item.php?item=97 Greetz : Allah , All my freind P0c :...