VYPR

AJ Auction Pro Platinum

by AJ Auction

CVEs (2)

  • CVE-2008-6004Jan 28, 2009
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter.

  • CVE-2008-6003Jan 28, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote attackers to execute arbitrary SQL commands via the seller_id parameter.