Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter.
5.7AI Score
0.002EPSS
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
8.3AI Score
0.002EPSS
SQL injection vulnerability in ChangeEmail.php in iTechClassifieds 3.03.057 allows remote attackers to execute arbitrary SQL commands via the PreviewNum parameter. NOTE: the CatID parameter is already covered by CVE-2008-0685.
8.6AI Score
0.002EPSS