Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 12:16 p.m.7 views

CVE-2018-1000867

WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit...

8.8CVSS8.1AI score0.00374EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-2047

Malware in sbrugna...

6.1CVSS6.3AI score0.00482EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/08/15 9:29 p.m.9 views

CVE-2011-10011

WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remot...

10CVSS8.6AI score0.57505EPSS
Exploits0References1
NVD
NVDadded 2025/08/13 9:15 p.m.3 views

CVE-2011-10011

WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remot...

10CVSS0.57505EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2025/08/13 8:55 p.m.2 views

CVE-2011-10011 WeBid 1.0.2 converter.php Remote PHP Code Injection

WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remot...

10CVSS8.5AI score0.57505EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/05/23 1:48 a.m.7 views

CVE-2023-47397

WeBid =1.2.2 is vulnerable to code injection via admin/categoriestrans.php...

9.8CVSS7.3AI score0.0031EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/05/22 1:50 p.m.7 views

CVE-2014-5101

Multiple cross-site scripting XSS vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the 1 TPLname, 2 TPLnick, 3 TPLemail, 4 TPLyear, 5 TPLaddress, 6 TPLcity, 7 TPLprov, 8 TPLzip, 9 TPLphone, 10 TPLppemail, 11 TPLauthnetid, 12 TPLauthnetpass, 13...

4.3CVSS5.9AI score0.00503EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/05/22 12:0 a.m.2 views

PT-2024-26483 · Webid · Webid

Name of the Vulnerable Software and Affected Versions: WeBid version 1.1.2 Description: The issue is related to SQL Injection via the admin/tax.php endpoint. This allows for potential unauthorized access to database information. Recommendations: For WeBid version 1.1.2, as a temporary workaround,...

9.8CVSS7.7AI score0.00188EPSS
Exploits1References7
OSV
OSVadded 2018/12/20 5:29 p.m.14 views

CVE-2018-1000867

WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions.php scripts that can result in Database Read via Blind SQL Injection. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit...

8.8CVSS8.1AI score
Exploits0References3
Cvelist
Cvelistadded 2018/12/20 5:0 p.m.15 views

CVE-2018-1000882

WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit...

7.6AI score0.00504EPSS
Exploits1References3
Rows per page
Query Builder