CVE-2009-3529

SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a viewforum action, a different vector than CVE-2005-1074...

CVE-2009-3530

RadBids Gold 4 (RadScripts) is affected by a cross-site scripting (XSS) vulnerability in storefront.php via the mode parameter. The available sources (NVD, CVE listings) confirm the vulnerability but do not provide additional technical details such as affected versions beyond RadBids Gold 4, or c...

radscripts.txt

Products: RadBids Gold, RadLance Gold, RadNics Gold auction products Vendor: RadScripts URL: http://www.radscripts.com/ VULNERABILITY CLASS: Admin login bypass Product Description RadBids was designed to give you all the tools needed to rapidly deploy an ebay style auction web site solution. Our...

RadScripts - 'a_editpage.php?Filename' Arbitrary File Overwrite

source: https://www.securityfocus.com/bid/19128/info Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring authentication. A remote attacker...

RadScripts - a_editpage.php?Filename Arbitrary File Overwrite

RadScripts - aeditpage.php?Filename Arbitrary File Overwrite source: https://www.securityfocus.com/bid/19128/info Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts...

CVE-2006-2404

Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a .. dot dot in the read parameter...

Directory traversal

Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a .. dot dot in the read parameter...

CVE-2006-2404

Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a .. dot dot in the read parameter...

CVE-2006-2404

CVE-2006-2404 is a directory-traversal vulnerability in the RadScripts RadLance Gold 7.0 package, specifically in popup.php. The underlying issue allows an unauthenticated attacker to read arbitrary files by providing a ".." sequence in the read parameter, enabling unauthorized access to local fi...

CVE-2005-1075

Multiple cross-site scripting XSS vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via 1 the farea parameter to faq.php or the 2 cat, 3 order, or 4 area parameters to index.php...

CVE-2005-1074

SQL injection vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to execute arbitrary SQL commands via the mode parameter...

CVE-2005-1073

Directory traversal vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to read arbitrary files via the read parameter...

CVE-2005-1075

The CVE-2005-1075 entry describes multiple cross-site scripting (XSS) vulnerabilities in the RadScripts RadBids Gold 2 application. The affected component is the web interface (faq.php and index.php) where user-supplied parameters can be injected: farea in faq.php; cat, order, or area in index.ph...

CVE-2005-1074

CVE-2005-1074 : SQL injection in index.php for RadScripts RadBids Gold 2. An attacker can supply the mode parameter to remotely execute arbitrary SQL commands. Affected: RadScripts RadBids Gold 2; vulnerability arises in the index.php handling of mode. CVSSv2 base score 7.5 (HIGH) with network ac...

CVE-2005-1073

CVE-2005-1073 describes a directory-traversal vulnerability in RadScripts RadBids Gold 2, where an attacker can read arbitrary files via the read parameter in index.php. The NVD entry lists a 5.0/Medium CVSS v2 base score with network exposure and no authentication, indicating remote access is po...

CVE-2005-1073

Directory traversal vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to read arbitrary files via the read parameter...

CVE-2005-1075

Multiple cross-site scripting XSS vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via 1 the farea parameter to faq.php or the 2 cat, 3 order, or 4 area parameters to index.php...

CVE-2005-1074

SQL injection vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to execute arbitrary SQL commands via the mode parameter...