Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for active_auction_house by active_web_softwares

    CVE-2007-1712 (GCVE-0-2007-1712)

    Vulnerability from nvd – Published: 2007-03-27 21:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/3551 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/34420 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/24626 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/1097 vdb-entryx_refsource_VUPEN
    Date Public
    2007-03-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:26.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3551",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3551"
              },
              {
                "name": "activeauctionpro-default-sql-injection(33182)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33182"
              },
              {
                "name": "34420",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/34420"
              },
              {
                "name": "24626",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24626"
              },
              {
                "name": "ADV-2007-1097",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1097"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-03-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3551",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3551"
            },
            {
              "name": "activeauctionpro-default-sql-injection(33182)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33182"
            },
            {
              "name": "34420",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/34420"
            },
            {
              "name": "24626",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24626"
            },
            {
              "name": "ADV-2007-1097",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1097"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1712",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3551",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3551"
                },
                {
                  "name": "activeauctionpro-default-sql-injection(33182)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33182"
                },
                {
                  "name": "34420",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/34420"
                },
                {
                  "name": "24626",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24626"
                },
                {
                  "name": "ADV-2007-1097",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1097"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1712",
        "datePublished": "2007-03-27T21:00:00.000Z",
        "dateReserved": "2007-03-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:26.095Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1030 (GCVE-0-2005-1030)

    Vulnerability from nvd – Published: 2005-04-09 04:00 – Updated: 2024-08-07 21:35
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/15287 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/13038 vdb-entryx_refsource_BID
    http://www.osvdb.org/15286 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/13036 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/13039 vdb-entryx_refsource_BID
    http://www.securitytracker.com/alerts/2005/Apr/10… vdb-entryx_refsource_SECTRACK
    http://digitalparadox.org/advisories/aass.txt x_refsource_MISC
    http://marc.info/?l=bugtraq&m=111280834000432&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/15284 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/15285 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/14839 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:35:59.653Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "15287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15287"
              },
              {
                "name": "13038",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13038"
              },
              {
                "name": "15286",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15286"
              },
              {
                "name": "13036",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13036"
              },
              {
                "name": "13039",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13039"
              },
              {
                "name": "1013649",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://digitalparadox.org/advisories/aass.txt"
              },
              {
                "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
              },
              {
                "name": "15284",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15284"
              },
              {
                "name": "15285",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15285"
              },
              {
                "name": "aah-multiple-scripts-xss(19975)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19975"
              },
              {
                "name": "14839",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14839"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "15287",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15287"
            },
            {
              "name": "13038",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13038"
            },
            {
              "name": "15286",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15286"
            },
            {
              "name": "13036",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13036"
            },
            {
              "name": "13039",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13039"
            },
            {
              "name": "1013649",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://digitalparadox.org/advisories/aass.txt"
            },
            {
              "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
            },
            {
              "name": "15284",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15284"
            },
            {
              "name": "15285",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15285"
            },
            {
              "name": "aah-multiple-scripts-xss(19975)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19975"
            },
            {
              "name": "14839",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14839"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1030",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "15287",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15287"
                },
                {
                  "name": "13038",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13038"
                },
                {
                  "name": "15286",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15286"
                },
                {
                  "name": "13036",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13036"
                },
                {
                  "name": "13039",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13039"
                },
                {
                  "name": "1013649",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
                },
                {
                  "name": "http://digitalparadox.org/advisories/aass.txt",
                  "refsource": "MISC",
                  "url": "http://digitalparadox.org/advisories/aass.txt"
                },
                {
                  "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
                },
                {
                  "name": "15284",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15284"
                },
                {
                  "name": "15285",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15285"
                },
                {
                  "name": "aah-multiple-scripts-xss(19975)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19975"
                },
                {
                  "name": "14839",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14839"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1030",
        "datePublished": "2005-04-09T04:00:00.000Z",
        "dateReserved": "2005-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:35:59.653Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1029 (GCVE-0-2005-1029)

    Vulnerability from nvd – Published: 2005-04-09 04:00 – Updated: 2024-08-07 21:35
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/13034 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/15283 vdb-entryx_refsource_OSVDB
    http://www.securitytracker.com/alerts/2005/Apr/10… vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/15281 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/13032 vdb-entryx_refsource_BID
    http://digitalparadox.org/advisories/aass.txt x_refsource_MISC
    http://marc.info/?l=bugtraq&m=111280834000432&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/13035 vdb-entryx_refsource_BID
    http://secunia.com/advisories/14839 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/15282 vdb-entryx_refsource_OSVDB
    Date Public
    2005-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:35:59.955Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "13034",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13034"
              },
              {
                "name": "aah-multiple-scripts-sql-injection(19977)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19977"
              },
              {
                "name": "15283",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15283"
              },
              {
                "name": "1013649",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
              },
              {
                "name": "15281",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15281"
              },
              {
                "name": "13032",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13032"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://digitalparadox.org/advisories/aass.txt"
              },
              {
                "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
              },
              {
                "name": "13035",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13035"
              },
              {
                "name": "14839",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14839"
              },
              {
                "name": "15282",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15282"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "13034",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13034"
            },
            {
              "name": "aah-multiple-scripts-sql-injection(19977)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19977"
            },
            {
              "name": "15283",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15283"
            },
            {
              "name": "1013649",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
            },
            {
              "name": "15281",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15281"
            },
            {
              "name": "13032",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13032"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://digitalparadox.org/advisories/aass.txt"
            },
            {
              "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
            },
            {
              "name": "13035",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13035"
            },
            {
              "name": "14839",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14839"
            },
            {
              "name": "15282",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15282"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1029",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "13034",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13034"
                },
                {
                  "name": "aah-multiple-scripts-sql-injection(19977)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19977"
                },
                {
                  "name": "15283",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15283"
                },
                {
                  "name": "1013649",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
                },
                {
                  "name": "15281",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15281"
                },
                {
                  "name": "13032",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13032"
                },
                {
                  "name": "http://digitalparadox.org/advisories/aass.txt",
                  "refsource": "MISC",
                  "url": "http://digitalparadox.org/advisories/aass.txt"
                },
                {
                  "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
                },
                {
                  "name": "13035",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13035"
                },
                {
                  "name": "14839",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14839"
                },
                {
                  "name": "15282",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15282"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1029",
        "datePublished": "2005-04-09T04:00:00.000Z",
        "dateReserved": "2005-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:35:59.955Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-1712 (GCVE-0-2007-1712)

    Vulnerability from cvelistv5 – Published: 2007-03-27 21:00 – Updated: 2024-08-07 13:06
    VLAI
    Summary
    SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/3551 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/34420 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/24626 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/1097 vdb-entryx_refsource_VUPEN
    Date Public
    2007-03-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:06:26.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "3551",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/3551"
              },
              {
                "name": "activeauctionpro-default-sql-injection(33182)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33182"
              },
              {
                "name": "34420",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/34420"
              },
              {
                "name": "24626",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24626"
              },
              {
                "name": "ADV-2007-1097",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1097"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-03-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "3551",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/3551"
            },
            {
              "name": "activeauctionpro-default-sql-injection(33182)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33182"
            },
            {
              "name": "34420",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/34420"
            },
            {
              "name": "24626",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24626"
            },
            {
              "name": "ADV-2007-1097",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1097"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-1712",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Auction Pro 7.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "3551",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/3551"
                },
                {
                  "name": "activeauctionpro-default-sql-injection(33182)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33182"
                },
                {
                  "name": "34420",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/34420"
                },
                {
                  "name": "24626",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24626"
                },
                {
                  "name": "ADV-2007-1097",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/1097"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-1712",
        "datePublished": "2007-03-27T21:00:00.000Z",
        "dateReserved": "2007-03-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:06:26.095Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1030 (GCVE-0-2005-1030)

    Vulnerability from cvelistv5 – Published: 2005-04-09 04:00 – Updated: 2024-08-07 21:35
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/15287 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/13038 vdb-entryx_refsource_BID
    http://www.osvdb.org/15286 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/13036 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/13039 vdb-entryx_refsource_BID
    http://www.securitytracker.com/alerts/2005/Apr/10… vdb-entryx_refsource_SECTRACK
    http://digitalparadox.org/advisories/aass.txt x_refsource_MISC
    http://marc.info/?l=bugtraq&m=111280834000432&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/15284 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/15285 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/14839 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:35:59.653Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "15287",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15287"
              },
              {
                "name": "13038",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13038"
              },
              {
                "name": "15286",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15286"
              },
              {
                "name": "13036",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13036"
              },
              {
                "name": "13039",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13039"
              },
              {
                "name": "1013649",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://digitalparadox.org/advisories/aass.txt"
              },
              {
                "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
              },
              {
                "name": "15284",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15284"
              },
              {
                "name": "15285",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15285"
              },
              {
                "name": "aah-multiple-scripts-xss(19975)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19975"
              },
              {
                "name": "14839",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14839"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "15287",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15287"
            },
            {
              "name": "13038",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13038"
            },
            {
              "name": "15286",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15286"
            },
            {
              "name": "13036",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13036"
            },
            {
              "name": "13039",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13039"
            },
            {
              "name": "1013649",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://digitalparadox.org/advisories/aass.txt"
            },
            {
              "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
            },
            {
              "name": "15284",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15284"
            },
            {
              "name": "15285",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15285"
            },
            {
              "name": "aah-multiple-scripts-xss(19975)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19975"
            },
            {
              "name": "14839",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14839"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1030",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers to inject arbitrary web script or HTML via the (1) ReturnURL, (2) password, (3) username parameter, (4) ReturnURL parameter to account.asp, (5) Table, (6) Title parameter to sendpassword.asp, or (7) itemid to watchthisitem.asp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "15287",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15287"
                },
                {
                  "name": "13038",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13038"
                },
                {
                  "name": "15286",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15286"
                },
                {
                  "name": "13036",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13036"
                },
                {
                  "name": "13039",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13039"
                },
                {
                  "name": "1013649",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
                },
                {
                  "name": "http://digitalparadox.org/advisories/aass.txt",
                  "refsource": "MISC",
                  "url": "http://digitalparadox.org/advisories/aass.txt"
                },
                {
                  "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
                },
                {
                  "name": "15284",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15284"
                },
                {
                  "name": "15285",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15285"
                },
                {
                  "name": "aah-multiple-scripts-xss(19975)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19975"
                },
                {
                  "name": "14839",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14839"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1030",
        "datePublished": "2005-04-09T04:00:00.000Z",
        "dateReserved": "2005-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:35:59.653Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-1029 (GCVE-0-2005-1029)

    Vulnerability from cvelistv5 – Published: 2005-04-09 04:00 – Updated: 2024-08-07 21:35
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/13034 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/15283 vdb-entryx_refsource_OSVDB
    http://www.securitytracker.com/alerts/2005/Apr/10… vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/15281 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/13032 vdb-entryx_refsource_BID
    http://digitalparadox.org/advisories/aass.txt x_refsource_MISC
    http://marc.info/?l=bugtraq&m=111280834000432&w=2 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/13035 vdb-entryx_refsource_BID
    http://secunia.com/advisories/14839 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/15282 vdb-entryx_refsource_OSVDB
    Date Public
    2005-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:35:59.955Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "13034",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13034"
              },
              {
                "name": "aah-multiple-scripts-sql-injection(19977)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19977"
              },
              {
                "name": "15283",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15283"
              },
              {
                "name": "1013649",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
              },
              {
                "name": "15281",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15281"
              },
              {
                "name": "13032",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13032"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://digitalparadox.org/advisories/aass.txt"
              },
              {
                "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
              },
              {
                "name": "13035",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13035"
              },
              {
                "name": "14839",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/14839"
              },
              {
                "name": "15282",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/15282"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "13034",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13034"
            },
            {
              "name": "aah-multiple-scripts-sql-injection(19977)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19977"
            },
            {
              "name": "15283",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15283"
            },
            {
              "name": "1013649",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
            },
            {
              "name": "15281",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15281"
            },
            {
              "name": "13032",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13032"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://digitalparadox.org/advisories/aass.txt"
            },
            {
              "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
            },
            {
              "name": "13035",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13035"
            },
            {
              "name": "14839",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/14839"
            },
            {
              "name": "15282",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/15282"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-1029",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "13034",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13034"
                },
                {
                  "name": "aah-multiple-scripts-sql-injection(19977)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19977"
                },
                {
                  "name": "15283",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15283"
                },
                {
                  "name": "1013649",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/alerts/2005/Apr/1013649.html"
                },
                {
                  "name": "15281",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15281"
                },
                {
                  "name": "13032",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13032"
                },
                {
                  "name": "http://digitalparadox.org/advisories/aass.txt",
                  "refsource": "MISC",
                  "url": "http://digitalparadox.org/advisories/aass.txt"
                },
                {
                  "name": "20050406 Active Auction House has multiple Sql injection, error and XSS",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=111280834000432\u0026w=2"
                },
                {
                  "name": "13035",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13035"
                },
                {
                  "name": "14839",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/14839"
                },
                {
                  "name": "15282",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/15282"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-1029",
        "datePublished": "2005-04-09T04:00:00.000Z",
        "dateReserved": "2005-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:35:59.955Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }