3 matches found
CVE-2005-1074
CVE-2005-1074 : SQL injection in index.php for RadScripts RadBids Gold 2. An attacker can supply the mode parameter to remotely execute arbitrary SQL commands. Affected: RadScripts RadBids Gold 2; vulnerability arises in the index.php handling of mode. CVSSv2 base score 7.5 (HIGH) with network ac...
CVE-2005-1073
CVE-2005-1073 describes a directory-traversal vulnerability in RadScripts RadBids Gold 2, where an attacker can read arbitrary files via the read parameter in index.php. The NVD entry lists a 5.0/Medium CVSS v2 base score with network exposure and no authentication, indicating remote access is po...
CVE-2005-1075
The CVE-2005-1075 entry describes multiple cross-site scripting (XSS) vulnerabilities in the RadScripts RadBids Gold 2 application. The affected component is the web interface (faq.php and index.php) where user-supplied parameters can be injected: farea in faq.php; cat, order, or area in index.ph...