2 matches found
CVE-2008-4872
The CVE-2008-4872 entry describes a Cross-site scripting (XSS) vulnerability in the iTechBids Gold 5.0 product, specifically in the bidhistory.php script, where an attacker can inject arbitrary web script or HTML through the item_id parameter. The affected component is the bidhistory.php code pat...
CVE-2008-3237
CVE-2008-3237 is a reported XSS vulnerability affecting ITechBids 7.0 Gold. The flaw occurs in forward_to_friend.php, where the productid parameter can be exploited to inject arbitrary web script or HTML. This impacts users who can be targeted via crafted input sent to the affected endpoint, pote...