Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpauctions phpauctions vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6663
SQL injection vulnerability in profile.php in PHPAuctions.info PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the auction_id parameter, a different vector than CVE-2009-0106.
Phpauctions Phpauctions
1 EDB exploit
NA
CVE-2009-0106
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
NA
CVE-2009-0107
Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to inject arbitrary web script or HTML via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
NA
CVE-2009-0108
PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies.
Phpauctions Phpauctions Nil
1 EDB exploit
NA
CVE-2008-3487
SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpauctions Phpauction Gpl Enhanced 2.51
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started