CVE-2008-7117

Name of the Vulnerable Software and Affected Versions WeBid auction script version 0.5.4

Description The issue allows remote attackers to modify arbitrary cascading style sheets (CSS) files via a certain request with the file parameter set to style.css. This can probably be leveraged for cross-site scripting (XSS) attacks.

Recommendations For WeBid auction script version 0.5.4, avoid using the file parameter to access style.css until a fix is available. As a temporary workaround, consider restricting access to the eledicss.php file to minimize the risk of exploitation.