Cross-Site Scripting Vulnerability in iTechBids Gold by iTechBids
CVE-2008-4872

Currently unrated

Key Information:

Vendor: Itechscripts
Status: Itechbids
Vendor: CVE Published:; 1 November 2008

🔔 Create Itechscripts Vulnerability Alert

What is CVE-2008-4872?

A Cross-Site Scripting (XSS) vulnerability exists in the bidhistory.php file of iTechBids Gold 5.0, which enables remote attackers to inject arbitrary web scripts or HTML code via the item_id parameter. This risk allows for the execution of malicious scripts within a user's browser session, potentially compromising sensitive information and user interactions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46320

vdb-entryx_refsource_XF

http://secunia.com/advisories/28780

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 1, 2008
Vulnerability Reserved
Oct 31, 2008