3 matches found
CVE-2008-6351
Summary (CVE-2008-6351) : A cross-site scripting (XSS) vulnerability affects TurnkeyForms Local Classifieds in the file listtest.php , exploitable via the r parameter. The issue allows remote attackers to inject arbitrary web script or HTML. The provided documents do not specify affected versions...
CVE-2008-6302
TurnkeyForms Local Classifieds (CVE-2008-6302) is affected by an authentication bypass in Site_Admin/admin.php, allowing remote attackers to gain administrative access. CVSS v2 base score 7.5 (NETWORK, LOW complexity, no auth). Exploitation references exist (Exploit-DB, X-Force, Secunia, etc.). O...
CVE-2008-6350
CVE-2008-6350 defines an SQL injection vulnerability in listtest.php of TurnkeyForms Local Classifieds. The flaw allows remote attackers to inject SQL via the r parameter and execute arbitrary commands, with a CVSS2 base score of 7.5 (HIGH) and network/low complexity conditions. Affected componen...