Php Pro Bid: Security Vulnerabilities
Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php.
CVSS Score
7.5
EPSS Score
0.012
Published
2006-07-31
Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc parameter.
CVSS Score
4.3
EPSS Score
0.008
Published
2006-07-31