5 matches found
CVE-2009-3530
RadBids Gold 4 (RadScripts) is affected by a cross-site scripting (XSS) vulnerability in storefront.php via the mode parameter. The available sources (NVD, CVE listings) confirm the vulnerability but do not provide additional technical details such as affected versions beyond RadBids Gold 4, or c...
CVE-2005-1074
CVE-2005-1074: SQL injection in index.php for RadScripts RadBids Gold 2. An attacker can supply the mode parameter to remotely execute arbitrary SQL commands. Affected: RadScripts RadBids Gold 2; vulnerability arises in the index.php handling of mode. CVSSv2 base score 7.5 (HIGH) with network ac...
CVE-2009-3529
The CVE-2009-3529 entry concerns RadScripts RadBids Gold 4. Vulnerability: SQL injection in index.php triggered by the fid parameter in a view_forum action, enabling remote attackers to execute arbitrary SQL commands. This is a different vector than CVE-2005-1074. Impact: Partial confidentialit...
CVE-2005-1073
CVE-2005-1073 describes a directory-traversal vulnerability in RadScripts RadBids Gold 2, where an attacker can read arbitrary files via the read parameter in index.php. The NVD entry lists a 5.0/Medium CVSS v2 base score with network exposure and no authentication, indicating remote access is po...
CVE-2005-1075
The CVE-2005-1075 entry describes multiple cross-site scripting (XSS) vulnerabilities in the RadScripts RadBids Gold 2 application. The affected component is the web interface (faq.php and index.php) where user-supplied parameters can be injected: farea in faq.php; cat, order, or area in index.ph...