CVE-2022-50968 | uBidAuction 2.0.1 GET auctions/manage filter date_created/date_from/date_to/created_at cross site scripting (Exploit 50693 / EDB-50693)

Inserito da Angelo Barbosa | Mag 10, 2026 | CVE

A vulnerability labeled as problematic has been found in uBidAuction 2.0.1. This affects the function filter of the file auctions/manage of the component GET Handler. Such manipulation of the argument date_created/date_from/date_to/created_at leads to cross site scripting.

This vulnerability is referenced as CVE-2022-50968. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2022-50968 | uBidAuction 2.0.1 GET auctions/manage filter date_created/date_from/date_to/created_at cross site scripting (Exploit 50693 / EDB-50693)

Post correlati

CVE-2026-22981 | Linux Kernel up to 6.18.5/6.19-rc4 idpf_detach_and_close null pointer dereference

CVE-2025-0049 | Fortra GoAnywhere up to 7.7 information exposure

CVE-2024-11970 | code-projects Concert Ticket Ordering System 1.0 /tour(cor).php mai sql injection

CVE-2024-34034 | DOS FlexRIC 2.0.0 Flexible RAN Intelligent Controller (FlexRIC) denial of service