WeBid 1.1.2P2 SQL Injection

Advisory ID: HTB23292 Product: WeBid Vendor: WeBid Vulnerable Versions: 1.1.2P2 and probably prior Tested Version: 1.1.2P2 Advisory Publication: January 22, 2016 without technical details Vendor Notification: January 22, 2016 Vendor Patch: February 4, 2016 Public Disclosure: February 17, 2016...

WeBid 'converter.php' Multiple Remote PHP Code Injection Vulnerabilities

WeBid is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary PHP code because the application fails to adequately sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...