Other

WeBid

WeBid is an open-source auction script written in the popular language PHP which a massive collection of inbuilt features. WeBid is the perfect choice for setting up any auction site. WeBid has an easy to use administration panel and a user-friendly installation process which allows you to have your own auction site set up in minutes.

Official Site:

http://www.webidsupport.com

Severity Summary:

Critical: 3 High: 5 Medium: 6

Reference

Title

Severity

CVE-2022-41477

WeBid Server-Side Request Forgery (SSRF) Vulnerability

Critical

CVE-2020-23359

WeBid Incorrect Comparison Vulnerability

Critical

CVE-2023-47397

WeBid Improper Control of Generation of Code (Code Injection) Vulnerability

Critical

CVE-2018-1000882

WeBid Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability

High

CVE-2018-1000867

WeBid Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability

High

CVE-2014-5114

WeBid Other Vulnerability

High

CVE-2008-7119

WeBid Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability

High

CVE-2008-7116

WeBid Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability

High

CVE-2019-11592

WeBid Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2018-1000868

WeBid Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2014-5101

WeBid Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Medium

CVE-2011-3815

WeBid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

Medium

CVE-2008-7118

WeBid Permissions Privileges and Access Controls Vulnerability

Medium

CVE-2008-7117

WeBid Permissions Privileges and Access Controls Vulnerability

Medium