2 matches found
CVE-2008-5805
CVE-2008-5805 is a SQL injection vulnerability in the DeltaScripts PHP Classifieds package (7.5 and earlier) affecting detail.php. Exploitation occurs via the siteid parameter, enabling remote attackers to execute arbitrary SQL commands. The description notes this is a different vector from CVE-2...
CVE-2008-5806
CVE-2008-5806 affects DeltaScripts PHP Classifieds 7.5 and earlier: a SQL injection flaw in login.php allows remote attackers to inject arbitrary SQL via the admin_username parameter (aka admin field). The vulnerability stems from unsafely constructed queries in the login handling code. Impact is...