9 matches found
EUVD-2012-5086
Malware in sbrugna...
CVE-2024-27515
Osclass 5.1.2 is vulnerable to SQL Injection...
CVE-2012-0974
Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sCity, (2) sPattern, (3) sPriceMax, and (4) sPriceMin parameters in a search action to...
CVE-2024-27515
Osclass 5.1.2 is vulnerable to SQL Injection...
PT-2024-21925 · Osclass · Osclass
Name of the Vulnerable Software and Affected Versions: Osclass version 5.1.2 Description: The issue is related to SQL Injection. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. Recommendations:...
Osclass 'alert' Parameter SQL Injection Vulnerability
OSClass is an open source PHP/MySQL-based system used to create and manage classified ads websites. The Osclass 'alert' parameter suffers from a SQL injection vulnerability because it fails to adequately filter user-supplied data before using it in a SQL query. Allows an attacker to...
CVE-2012-1617
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files...
Directory traversal
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files...
CVE-2012-1617
OSClass vulnerability CVE-2012-1617 affects combine.php prior to 2.3.6. A directory-traversal flaw (via a .. in the type parameter) may allow remote attackers to read and write arbitrary files and potentially upload files. Impact is partial confidentiality and integrity and no availability impact...