https://www.exploit-db.com/exploits/25371
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200505-713

RadScriptsRadBidsGold2存在多个跨站脚本攻击(XSS)漏洞，远程攻击者可以通过传给faq.php的(1)farea参数，或传给index.php的(2)cat，(3)order或(4)area参数，注入任意Web脚本或HTML。

source: http://www.securityfocus.com/bid/13080/info
 
RadBids Gold is reported prone to multiple vulnerabilities. These issues include arbitrary file disclosure, cross-site scripting, and SQL injection.
 
The following specific vulnerabilities were identified:
 
A remote attacker can disclose arbitrary files. Information gathered through this issue may allow the attacker to carry out other attacks against an affected computer.
 
The application is affected by a SQL injection vulnerability. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
 
Multiple cross-site scripting issues have been identified as well. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
 
RadBids Gold v2 is reported vulnerable to these issues. Other versions may be affected as well. 

http://www.example.com/auciton_software/faq.php?farea=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

来源:XF
名称:radbids-gold-php-xss(20038)
链接:http://xforce.iss.net/xforce/xfdb/20038
来源:BID
名称:13080
链接:http://www.securityfocus.com/bid/13080
来源:BUGTRAQ
名称:20050409Directorytransversal,sqlinjectionandxssvulnerabilitiesinRadBidsGoldv2
链接:http://www.securityfocus.com/archive/1/395527
来源:OSVDB
名称:15431
链接:http://www.osvdb.org/15431
来源:OSVDB
名称:15430
链接:http://www.osvdb.org/15430
来源:SECUNIA
名称:14906
链接:http://secunia.com/advisories/14906