Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
DeltascriptsPhp Classifieds

9 matches found

CVE
CVEadded 2007/04/25 5:19 p.m.46 views

CVE-2007-2254

PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and probably earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this product was referred to as "Allfaclassfieds" in the original disclosure.

7.5CVSS7.5AI score0.00585EPSS
CVE
CVEadded 2006/10/26 4:7 p.m.42 views

CVE-2006-5520

PHP remote file inclusion vulnerability in functions.php in DeltaScripts PHP Classifieds 7.1 allows remote attackers to execute arbitrary PHP code via a URL in the set_path parameter.

7.5CVSS7.9AI score0.00713EPSS
CVE
CVEadded 2008/12/31 11:30 a.m.35 views

CVE-2008-5805

SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828.

7.5CVSS8.4AI score0.00528EPSS
CVE
CVEadded 2006/10/10 4:6 a.m.34 views

CVE-2006-5208

Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php.

7.5CVSS9AI score0.00869EPSS
CVE
CVEadded 2006/02/15 10:6 p.m.32 views

CVE-2006-0719

SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter, which is used by the E-mail address field, and (2) password parameter.

7.5CVSS8.6AI score0.00813EPSS
CVE
CVEadded 2006/06/30 11:5 p.m.32 views

CVE-2006-3329

SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.

7.5CVSS8.8AI score0.0118EPSS
CVE
CVEadded 2011/10/08 10:55 a.m.32 views

CVE-2010-4914

PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter.

7.5CVSS7.8AI score0.01259EPSS
CVE
CVEadded 2008/12/31 11:30 a.m.31 views

CVE-2008-5806

SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information.

7.5CVSS8.5AI score0.00456EPSS
CVE
CVEadded 2006/11/10 1:7 a.m.25 views

CVE-2006-5828

SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter.

7.5CVSS8.4AI score0.00528EPSS