Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpauctions phpauctions vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6663
SQL injection vulnerability in profile.php in PHPAuctions.info PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the auction_id parameter, a different vector than CVE-2009-0106.
Phpauctions Phpauctions
1 EDB exploit
NA
CVE-2009-0106
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
NA
CVE-2009-0107
Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to inject arbitrary web script or HTML via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
NA
CVE-2009-0108
PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies.
Phpauctions Phpauctions Nil
1 EDB exploit
NA
CVE-2008-3487
SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpauctions Phpauction Gpl Enhanced 2.51
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started