Deltascripts

Php Classifieds

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2010-4914

Exploit
  • EPSS 0.51%
  • Veröffentlicht 08.10.2011 10:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter.

7.5

CVE-2008-5805

Exploit
  • EPSS 0.44%
  • Veröffentlicht 31.12.2008 11:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828.

7.5

CVE-2008-5806

Exploit
  • EPSS 0.93%
  • Veröffentlicht 31.12.2008 11:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from thir...

7.5

CVE-2007-2254

  • EPSS 0.71%
  • Veröffentlicht 25.04.2007 17:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and probably earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this product was referred to as "Al...

7.5

CVE-2006-5828

Exploit
  • EPSS 1.12%
  • Veröffentlicht 10.11.2006 01:07:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter.

7.5

CVE-2006-5520

  • EPSS 0.74%
  • Veröffentlicht 26.10.2006 16:07:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

PHP remote file inclusion vulnerability in functions.php in DeltaScripts PHP Classifieds 7.1 allows remote attackers to execute arbitrary PHP code via a URL in the set_path parameter.

7.5

CVE-2006-5208

Exploit
  • EPSS 1.29%
  • Veröffentlicht 10.10.2006 04:06:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php.

7.5

CVE-2006-3329

  • EPSS 0.59%
  • Veröffentlicht 30.06.2006 23:05:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.

6.8

CVE-2006-3330

  • EPSS 1.46%
  • Veröffentlicht 30.06.2006 23:05:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly ...

4.3

CVE-2006-1532

  • EPSS 0.53%
  • Veröffentlicht 30.03.2006 11:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in search.php in PHP Classifieds 6.18, 6.20, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchword parameter.