WeBid 1.1.1 File Upload

File upload vulnerability in WeBid ajax.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

WeBid 1.1.1 Unrestricted File Upload Exploit

?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / / / XXXXXX / / XXXXXX / / XXXXXX / ------' Exploit Title : WeBid 1.1.1 Unrestricted File Upload Exploit Date ...

CVE-2014-5114

WeBid 1.1.1 allows remote attackers to conduct an LDAP injection attack via the 1 js or 2 cat parameter...

Code injection

WeBid 1.1.1 allows remote attackers to conduct an LDAP injection attack via the 1 js or 2 cat parameter...

CVE-2014-5114

WeBid 1.1.1 allows remote attackers to conduct an LDAP injection attack via the 1 js or 2 cat parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 TPLname, 2 TPLnick, 3 TPLemail, 4 TPLyear, 5 TPLaddress, 6 TPLcity, 7 TPLprov, 8 TPLzip, 9 TPLphone, 10 TPLppemail, 11 TPLauthnetid, 12 TPLauthnetpass, 13...

CVE-2014-5101

CVE-2014-5101 affects WeBid 1.1.1 with multiple XSS vulnerabilities (and LDAP injection per some sources). The issues allow remote attackers to inject arbitrary scripts/HTML via parameters in register.php (TPL_name, TPL_nick, TPL_email, TPL_year, TPL_address, TPL_city, TPL_prov, TPL_zip, TPL_phon...