rainworx CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

rainworx vulnerability overview

Aggregates CVE and security vulnerability intelligence across all rainworx-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk csrf and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2022-23904 Rainworx Auctionworx < 3.1R2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack that allows an authenticated user to upgrade his account to admin and gain access to the auctionworx admin control panel. This vulnerability affects AuctionWorx Enterprise and AuctionWorx: Events Edition. [email protected] 8.0 0.24% 2022-05-02 2024-11-21
CVE-2007-3540 Multiple cross-site scripting (XSS) vulnerabilities in search.asp in rwAuction Pro 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) show, (3) searchtype, (4) catid, and (5) searchtxt parameters, a different version and vectors than CVE-2005-4060. [email protected] 4.3 0.35% 2007-07-03 2026-04-23
CVE-2005-4060 Cross-site scripting (XSS) vulnerability in search.asp in rwAuction Pro 4.0 and 5.0 allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. [email protected] 4.3 0.76% 2005-12-07 2026-04-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence