Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpauctions phpauctions vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6663
SQL injection vulnerability in profile.php in PHPAuctions.info PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the auction_id parameter, a different vector than CVE-2009-0106.
Phpauctions Phpauctions
1 EDB exploit
7.5
CVSSv2
CVE-2009-0106
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
4.3
CVSSv2
CVE-2009-0107
Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to inject arbitrary web script or HTML via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
7.5
CVSSv2
CVE-2009-0108
PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies.
Phpauctions Phpauctions Nil
1 EDB exploit
7.5
CVSSv2
CVE-2008-3487
SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpauctions Phpauction Gpl Enhanced 2.51
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started