Osclass Security Advisory 3.4.1 - Local File Inclusion
A directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter in a render action to oc-admin/index.php. id: CVE-2014-6308 info: name: Osclass Security Advisory 3.4.1 - Local File Inclusion author: daffainfo...
glFusion 1.3.0 Blind SQL Injection
A critical blind SQL Injection vulnerability exists in glFusion CMS version 1.3.0, affecting the Media Gallery search functionality. The vulnerability allows unauthenticated remote attackers to execute arbitrary SQL commands and potentially compromise the entire database. This is older research...
EUVD-2014-7934
Malware in sbrugna...
EUVD-2018-6398
Malware in sbrugna...
EUVD-2012-5085
Malware in sbrugna...
EUVD-2014-7932
Malware in sbrugna...
EUVD-2014-6165
Malware in sbrugna...
EUVD-2016-1745
Malware in sbrugna...
EUVD-2012-0996
Malware in sbrugna...
EUVD-2014-7933
Malware in sbrugna...
EUVD-2012-5086
Malware in sbrugna...
CVE-2024-27515
Osclass 5.1.2 is vulnerable to SQL Injection...
CVE-2012-0973
Multiple SQL injection vulnerabilities in OSClass before 2.3.5 allow remote attackers to execute arbitrary SQL commands via the sCategory parameter to index.php, which is not properly handled by the (1) osc_search_category_id function in oc-includes/osclass/helpers/hSearch.php and (2) findBySlug functio...
CVE-2016-10751
osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload...
CVE-2012-0974
Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sCity, (2) sPattern, (3) sPriceMax, and (4) sPriceMin parameters in a search action to...
SQL injection
Osclass 5.1.2 is vulnerable to SQL Injection...
Osclass Security Vulnerabilities
Osclass is an open source content management system (CMS) based on PHP and MySQL for creating and managing classified ads websites. A security vulnerability exists in Osclass version 5.1.2, which stems from vulnerability to SQL injection attacks...
PT-2024-21925 · Osclass · Osclass
Name of the Vulnerable Software and Affected Versions: Osclass version 5.1.2 Description: The issue is related to SQL Injection. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. Recommendations:...