QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-3540

Back to search

CVE-2007-3540

Published: Jul 3, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) show, (3) searchtype, (4) catid, and (5) searchtxt parameters, a different version and vectors than CVE-2005-4060.

VendorProductVersions

n/a

n/a

affected
n/a

References

24668
vdb-entry
x_refsource_BID
25849
third-party-advisory
x_refsource_SECUNIA
36347
vdb-entry
x_refsource_OSVDB
ADV-2007-2368
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now