40 matches found
EUVD-2007-3344
Malware in sbrugna...
EUVD-2005-3973
Malware in sbrugna...
EUVD-2007-3345
Malware in sbrugna...
NetClassifieds <= 1.9.7 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24584/info NetClassifieds is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These vulnerabilities include multiple SQL-injection issues and cross-site...
netclassifieds (sql/xss/full path) Multiple Vulnerabilities
No description provided by source. Application: NetClassifieds: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...
NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 gallery.php CatID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15683/info NetClassifieds is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
NetClassifieds Standard 1.9/Professional 1.5/Premium 1.0 ViewItem.php ItemNum Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15683/info NetClassifieds is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
Gallery NetClassifieds Blind SQL Injection
Exploit for php platform in category web applications :----------------------------------------------------------------------------------------------------------------------------------------------: Gallery NetClassifieds Blind SQL Injection...
NetClassifieds Sql Injection
Aria-Security Team Persian Security Team http://Aria-Security.Net Persian http://Aria-Security.com ENG -------------------------------------------- Greetz: Aura, imm02tal, Null, Kinglet, Mormoroth http://www.scriptdevelopers.net/ tested on NetClassifieds Original Post @...
netclassifieds-multi.txt
Application: NetClassifieds version: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...
NetClassifieds (SQL/XSS/Full Path) Multiple Remote Vulnerabilities
No description provided by source. Application: NetClassifieds: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...
CVE-2007-3356
NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the displayerrors setting in 1 Common.php and 2 imageresizer.php, and 3 the use of FILE in error reporting by imageresizer.php; and 4 vi...
Design/Logic Flaw
NetClassifieds Premium Edition does not use encryption for 1 stored passwords or 2 sensitive data, which might allow attackers to obtain information via certain vectors...
Sql injection
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to execute arbitrary SQL commands via the suserid parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.php vectors are already...
CVE-2007-3354
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to execute arbitrary SQL commands via the suserid parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.php vectors are already...
Design/Logic Flaw
NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the displayerrors setting in 1 Common.php and 2 imageresizer.php, and 3 the use of FILE in error reporting by imageresizer.php; and 4 vi...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NetClassifieds Premium Edition allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-3357
NetClassifieds Premium Edition does not use encryption for 1 stored passwords or 2 sensitive data, which might allow attackers to obtain information via certain vectors...
CVE-2007-3355
Multiple cross-site scripting XSS vulnerabilities in NetClassifieds Premium Edition allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-3356
CVE-2007-3356 affects NetClassifieds Premium Edition. The vulnerability arises from error reporting paths that disclose sensitive information: (1) in Common.php and (2) imageresizer.php via display_errors, (3) use of FILE in error reporting by imageresizer.php, and (4) through requests that revea...