Deltascripts

Php Classifieds

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2010-4914

Exploit
  • EPSS 2.11%
  • Veröffentlicht 08.10.2011 10:55:07
  • Zuletzt bearbeitet 16.06.2026 23:25:47

PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter.

7.5

CVE-2008-5805

Exploit
  • EPSS 1%
  • Veröffentlicht 31.12.2008 11:30:00
  • Zuletzt bearbeitet 16.06.2026 23:01:01

SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828.

7.5

CVE-2008-5806

Exploit
  • EPSS 1.15%
  • Veröffentlicht 31.12.2008 11:30:00
  • Zuletzt bearbeitet 16.06.2026 23:01:02

SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from thir...

7.5

CVE-2007-2254

  • EPSS 1.36%
  • Veröffentlicht 25.04.2007 17:19:00
  • Zuletzt bearbeitet 16.06.2026 22:39:13

PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and probably earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this product was referred to as "Al...

7.5

CVE-2006-5828

Exploit
  • EPSS 1.09%
  • Veröffentlicht 10.11.2006 01:07:00
  • Zuletzt bearbeitet 16.06.2026 22:31:57

SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter.

7.5

CVE-2006-5520

  • EPSS 1.39%
  • Veröffentlicht 26.10.2006 16:07:00
  • Zuletzt bearbeitet 16.06.2026 22:31:22

PHP remote file inclusion vulnerability in functions.php in DeltaScripts PHP Classifieds 7.1 allows remote attackers to execute arbitrary PHP code via a URL in the set_path parameter.

7.5

CVE-2006-5208

Exploit
  • EPSS 1.21%
  • Veröffentlicht 10.10.2006 04:06:00
  • Zuletzt bearbeitet 16.06.2026 22:30:45

Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php.

7.5

CVE-2006-3329

  • EPSS 1.1%
  • Veröffentlicht 30.06.2006 23:05:00
  • Zuletzt bearbeitet 16.06.2026 22:26:51

SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.

6.8

CVE-2006-3330

  • EPSS 1.5%
  • Veröffentlicht 30.06.2006 23:05:00
  • Zuletzt bearbeitet 16.06.2026 22:26:51

Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly ...

4.3

CVE-2006-1532

  • EPSS 1.3%
  • Veröffentlicht 30.03.2006 11:02:00
  • Zuletzt bearbeitet 16.06.2026 22:23:08

Cross-site scripting (XSS) vulnerability in search.php in PHP Classifieds 6.18, 6.20, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchword parameter.