4 matches found
CVE-2006-3330
Cross-site scripting XSS vulnerability in AddAsset1.php in PHP/MySQL Classifieds PHP Classifieds allows remote attackers to execute arbitrary SQL commands via the 1 ProductName "Title" field, 2 url, and 3 Description parameters, possibly related to issues in add1.php...
CVE-2006-3329
The CVE-2006-3329 entry concerns a SQL injection in search.php of PHP/MySQL Classifieds (PHP Classifieds). The vulnerability is exploitable via the rate parameter, potentially affecting data confidentiality, integrity, and availability as indicated by CVSS v2 base metrics (AV:N/AC:L/Au:N/C:P/I:P/...
CVE-2006-3329
SQL injection vulnerability in search.php in PHP/MySQL Classifieds PHP Classifieds allows remote attackers to execute arbitrary SQL commands via the rate parameter...
CVE-2006-3330
The CVE-2006-3330 entry describes a Cross-site Scripting (XSS) vulnerability in AddAsset1.php of PHP/MySQL Classifieds (PHP Classifieds). The weakness allows remote attackers to influence the application via the ProductName (Title), url, and Description parameters, potentially related to issues i...