Rainworx » Rwauction Pro : Security Vulnerabilities, CVEs, CVSS score >= 3
Multiple cross-site scripting (XSS) vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) show, (3) searchtype, (4) catid, and (5) searchtxt parameters, a different version and vectors than CVE-2005-4060.
Max CVSS
4.3
EPSS Score
0.26%
Published
2007-07-03
Updated
2011-03-08
Cross-site scripting (XSS) vulnerability in search.asp in rwAuction Pro 4.0 and 5.0 allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter.
Max CVSS
4.3
EPSS Score
0.50%
Published
2005-12-07
Updated
2017-07-20
2 vulnerabilities found