Lucene search
RainworxRwauction Pro
2 matches found
CVE-2005-4060
Cross-site scripting (XSS) vulnerability in search.asp in rwAuction Pro 4.0 and 5.0 allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter.
4.3CVSS5.7AI score0.0071EPSS
CVE-2007-3540
Multiple cross-site scripting (XSS) vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) show, (3) searchtype, (4) catid, and (5) searchtxt parameters, a different version and vectors than CVE-2005-4060.
4.3CVSS5.7AI score0.0071EPSS