Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

seebug.org
seebug.orgadded 2007/12/24 12:0 a.m.64 views

PHP Real Estate Classifieds "id" SQL Injection

t0pP8uZz & xprog have reported a vulnerability in PHP Real Estate Classifieds, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "id" parameter in fullnews.php is not properly sanitised before being used in SQL queries. This can be exploited to...

8.1AI score
Exploits0
ATTACKERKB
ATTACKERKBadded 2007/12/20 12:46 a.m.2 views

CVE-2007-6462

SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS6.4AI score0.00462EPSS
Exploits1References5
NVD
NVDadded 2007/12/20 12:46 a.m.7 views

CVE-2007-6462

SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.4AI score0.00462EPSS
Exploits1References4
CVE
CVEadded 2007/12/20 12:0 a.m.44 views

CVE-2007-6462

CVE-2007-6462 affects PHP Real Estate Classifieds (fullnews.php) where the id parameter is vulnerable to SQL injection. Remote attackers could potentially execute arbitrary SQL commands through this parameter. The vulnerability is documented across multiple feeds (NVD, CVE lists) with a consisten...

7.5CVSS8.5AI score0.00462EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2007/12/20 12:0 a.m.17 views

CVE-2007-6462

SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the id parameter...

8.4AI score0.00462EPSS
Exploits1References4
seebug.org
seebug.orgadded 2007/12/18 12:0 a.m.22 views

PHP Real Estate Classifieds 'fullnews.php' SQL注入漏洞

PHP Real Estate Classifieds是一款基于PHP的WEB应用程序。 PHP Real Estate Classifieds不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于''fullnews.php''脚本对用户提交的WEB参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 PHP Real Estate Classifieds Premium Plus 目前没有解决方案提供: http://phprealestatescript.com/...

7.1AI score
Exploits0
Exploit DB
Exploit DBadded 2007/12/14 12:0 a.m.42 views

PHP Real Estate - 'fullnews.php?id' SQL Injection

--==+================================================================================+==-- --==+ PHP Real Estate SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: http://phprealestatescript.c...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2004/04/23 12:0 a.m.24 views

[Full-Disclosure] Cross Site Scripting fusion news

===================================================================== ========================== DarkBicho ================================ PROGRAM: fusion news HOMEPAGE: http://www.fusionphp.net/ version: 3.6.1 Bug: Cross Site Scripting Date: 22/04/2003 Author: DarkBicho web:...

0.8AI score
Exploits0
Rows per page
Query Builder