CVE-2011-10011
published 2025-08-13

Priority P2 72 | critical 10 | CVSS 4.0
AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 1.59% (72.6th percentile)

WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the 'to' parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remote code execution when the modified script is accessed or included by the application.

Affected

1 range

Vendor | Product | Version range | Fixed in
webid  | webid   | <= 1.0.2      |

Detection & IOCs

path: converter.php
path: includes/currencies.php
  • Monitor POST requests to converter.php for suspicious or PHP-containing values in the 'to' parameter, which is written unsanitized into includes/currencies.php
  • Alert on unexpected modifications to includes/currencies.php, as successful exploitation results in persistent PHP code injection into this file
  • No authentication is required to exploit this vulnerability; treat any POST to converter.php from unauthenticated sessions as high-risk
  • Vulnerability is specific to WeBid version 1.0.2; detections should be scoped to deployments running this exact version
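
The first two detection points above, sketched as an added example (not code from this advisory or from WeBid). It assumes POST bodies are available from a WAF or audit log, that a legitimate 'to' value is a three-letter currency code, and that the amount and from field names in the constructed samples are placeholders.

```python
import hashlib
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: a legitimate 'to' value is a short alphabetic currency code.
EXPECTED_TO = re.compile(r"[A-Za-z]{3}")
# Tokens that suggest PHP code rather than a currency code.
PHP_MARKERS = re.compile(r"<\?|\?>|\$_|[;(){}`'\"]")

def inspect_request(method, url, body):
    """Return a list of findings for one HTTP request (empty list = clean)."""
    if method.upper() != "POST":
        return []
    if not urlsplit(url).path.lower().endswith("/converter.php"):
        return []
    findings = []
    # parse_qs URL-decodes values, so encoded input is checked in decoded form.
    for value in parse_qs(body, keep_blank_values=True).get("to", []):
        if PHP_MARKERS.search(value):
            findings.append("php-like content in 'to'")
        elif not EXPECTED_TO.fullmatch(value):
            findings.append("unexpected 'to' format")
    return findings

def file_changed(current_bytes, baseline_sha256):
    """True when includes/currencies.php no longer matches its known-good hash."""
    return hashlib.sha256(current_bytes).hexdigest() != baseline_sha256

# Constructed sample records (method, URL, POST body); not real traffic.
SAMPLES = [
    ("POST", "/converter.php", "amount=10&from=EUR&to=USD"),
    ("POST", "/converter.php", "amount=10&from=EUR&to=USD%3C%3Fphp+%2F%2A+marker+%2A%2F"),
    ("POST", "/converter.php", "amount=10&from=EUR&to=US-DOLLAR"),
    ("GET", "/converter.php?to=USD", ""),
]

if __name__ == "__main__":
    for method, url, body in SAMPLES:
        print(method, url, inspect_request(method, url, body) or "ok")
```

Record the baseline hash of includes/currencies.php from a known-good install and re-check it after any administrative change to currency settings, so legitimate edits do not raise alerts.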