Unrated severityNVD Advisory· Published Dec 14, 2005· Updated Apr 16, 2026

CVE-2005-4237

Description

Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.

Affected products

Servers R Us/Mysqlauction
cpe:2.3:a:servers-r-us:mysqlauction:*:*:*:*:*:*:*:*
Range: <=3.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

pridels0.blogspot.com/2005/12/mysql-auction-xss-vuln.htmlnvd
secunia.com/advisories/18006nvd
www.osvdb.org/21685nvd
www.securityfocus.com/bid/15852nvd
www.vupen.com/english/advisories/2005/2876nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000