40 matches found
EUVD-2007-3344
Malware in sbrugna...
EUVD-2007-3345
Malware in sbrugna...
EUVD-2005-3973
Malware in sbrugna...
NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 gallery.php CatID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15683/info NetClassifieds is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
NetClassifieds <= 1.9.7 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24584/info NetClassifieds is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues and cross-site...
netclassifieds (sql/xss/full path) Multiple Vulnerabilities
No description provided by source. Application: NetClassifieds: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...
NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 ViewItem.php ItemNum Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15683/info NetClassifieds is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
Gallery NetClassifieds Blind SQL Injection
Exploit for php platform in category web applications :----------------------------------------------------------------------------------------------------------------------------------------------: Gallery NetClassifieds Blind SQL Injection...
NetClassifieds Sql Injection
Aria-Security Team Persian Security Team http://Aria-Security.Net Persian http://Aria-Security.com ENG -------------------------------------------- Greetz: Aura, imm02tal, Null, Kinglet, Mormoroth http://www.scriptdevelopers.net/ tested on NetClassifieds Original Post @...
netclassifieds-multi.txt
Application: NetClassifieds version: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...
NetClassifieds (SQL/XSS/Full Path) Multiple Remote Vulnerabilities
No description provided by source. Application: NetClassifieds: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...
Design/Logic Flaw
NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the displayerrors setting in 1 Common.php and 2 imageresizer.php, and 3 the use of FILE in error reporting by imageresizer.php; and 4 vi...
CVE-2007-3355
Multiple cross-site scripting XSS vulnerabilities in NetClassifieds Premium Edition allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-3356
NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the displayerrors setting in 1 Common.php and 2 imageresizer.php, and 3 the use of FILE in error reporting by imageresizer.php; and 4 vi...
Sql injection
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to execute arbitrary SQL commands via the suserid parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.php vectors are already...
Design/Logic Flaw
NetClassifieds Premium Edition does not use encryption for 1 stored passwords or 2 sensitive data, which might allow attackers to obtain information via certain vectors...
CVE-2007-3357
NetClassifieds Premium Edition does not use encryption for 1 stored passwords or 2 sensitive data, which might allow attackers to obtain information via certain vectors...
CVE-2007-3354
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to execute arbitrary SQL commands via the suserid parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.php vectors are already...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NetClassifieds Premium Edition allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-3356
NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the displayerrors setting in 1 Common.php and 2 imageresizer.php, and 3 the use of FILE in error reporting by imageresizer.php; and 4 vi...