Lucene search
K

7 matches found

EUVD
EUVD
added 2026/05/10 3:31 p.m.19 views

EUVD-2022-55988

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET request...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References5
NVD
NVD
added 2026/05/10 1:16 p.m.19 views

CVE-2022-50967

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET request...

6.1CVSS0.00252EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 12:12 p.m.7 views

CVE-2022-50967 uBidAuction 2.0.1 tickets manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET request...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:12 p.m.5 views

CVE-2022-50967

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET request...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/10 12:12 p.m.11 views

CVE-2022-50967

CVE-2022-50967 concerns a reflected cross-site scripting vulnerability in uBidAuction 2.0.1, specifically in the tickets/manage module. The issue stems from improper sanitization of the filter parameters date_created, date_from, date_to, and created_at, enabling an attacker to inject malicious sc...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.12 views

PT-2026-39492

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The date created, date from, date to, and created at parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.11 views

uBidAuction 跨站脚本漏洞

uBidAuction is an auction website system developed by the uBidAuction company, which supports online auctions and product transaction management. Version 2.0.1 of uBidAuction has a cross-site scripting vulnerability. This vulnerability stems from improper cleaning of the filter functions for the...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References1
Rows per page
Query Builder